すでに出ているApache mod_rewriteの脆弱性のExploitが出ています。特にWin32ってのがやらしい。TCP/1154のポートを開くらしいです。

# Exploit for Apache mod_rewrite off-by-one(Win32).
#
# by axis
# http://www.ph4nt0m.org
# 2007-04-06
#
# Tested on Apache 2.0.58 (Win32)
# Windows2003 CN SP1
#
# Vulnerable Apache Versions:
# * 1.3 branch: >1.3.28 and <1.3.37
# * 2.0 branch: >2.0.46 and <2.0.59
# * 2.2 branch: >2.2.0 and <2.2.3
#
#
# Vulnerability discovered by Mark Dowd.
# CVE-2006-3747
#
# first POC by jack
# 2006-08-20
# http://www.milw0rm.com/exploits/2237