LOGIN
CONTACT SALES
LOGIN
CONTACT SALES

Apache – CVE-2019-0190

Description

Cytrix has detected that the version of Apache being used has a bug that exists in the way mod_ssl handled client re-negotiations.

Remote attackers can abuse it to send carefully crafted requests that would cause mod_ssl to enter a “loop” leading to service being denied (DoS). Also known as CVE-2019-0190.

Severity/Score

CVSS Version 3.x – 7.5 High

Recommendation

This bug can be only triggered with Apache HTTP Server in version 2.4.37 when using OpenSSL version 1.1.1 or later.
That happens due to an interaction in changes to handling of renegotiation attempts.

To deal with CVE-2019-0190, update your Apache to version 2.4.38 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190

< Return to all Vulnerabilities

Request a Demo

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »
Facebook Linkedin

Company

Resources

Docs

Latest posts

PING US
Facebook Linkedin