Apache – CVE-2019-10098

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to Phishing
attacks and client-side attacks on browsers. Also known as CVE-2019-10098.

in mod_rewrite, certain self-referential mod_rewrite rules could be fooled by encoded newlines.
That will cause them to redirect users to an unexpected URL within the URL found in the request.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2019-10098, upgrade the version of Apache Server being used to 2.4.41.

References

https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

https://cwe.mitre.org/data/definitions/601.html

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »