Insecure Default Passwords in XAMPP by Apache Friends
CVE-2009-0919

Currently unrated

Key Information:

Vendor

Apachefriends

Status
Xampp
Vendor
CVE Published:
16 March 2009

What is CVE-2009-0919?

XAMPP has been identified to come with multiple packages pre-installed with insecure default passwords, facilitating unauthorized access by remote attackers. Specifically, the 'lampp' user for ProFTPD utilizes a default password, while the 'root' account in MySQL and the 'pma' account in phpMyAdmin are set without any password. This poorly configured environment can present significant risks particularly for users who fail to change these defaults. It is essential to reconfigure these accounts upon installation to mitigate vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ptk.dflabs.com/security.html
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/49306
vdb-entryx_refsource_XF
http://www.apachefriends.org/en/faq-xampp-linux.html
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.