Most deployed versions of Apache are potentially exploitable, as mod_rewrite has been found to be vulnerable to a stack smashing attack.  It is somewhat muted by the fact that only certain rules cause the problem.  The vulnerability is caused by an off-by-one error -- the most common programming error known to man.  Many SEOs use mod_rewrite, but not all will be affected; I checked my rules, and I am not exploitable (otherwise I wouldn't post this), but I'm upgrading anything I have anyway.  This affects all branches of Apache  -- 1.3 to 2.2.  The original report from McAfee is here.