Apache – CVE-2019-10098

Description

Cytrix has detected that the version of Apache HTTP Server being used is vulnerable to Phishing
attacks and client-side attacks on browsers. Also known as CVE-2019-10098.

in mod_rewrite, certain self-referential mod_rewrite rules could be fooled by encoded newlines.
That will cause them to redirect users to an unexpected URL within the URL found in the request.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2019-10098, upgrade the version of Apache Server being used to 2.4.41.

References

https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

https://cwe.mitre.org/data/definitions/601.html

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »