FKIE_CVE-2009-0919
Vulnerability from fkie_nvd - Published: 2009-03-16 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.1:alpha:solaris:*:*:*:*:*",
"matchCriteriaId": "D852C7F0-6921-44FE-A87B-A8E78A05D6EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.1:beta:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "78CEFFC6-417B-4411-93A8-C22681827936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.2:alpha:solaris:*:*:*:*:*",
"matchCriteriaId": "04FC6977-82E8-4742-8CFE-9EC5E5511A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.2:beta:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "A2D5B075-D251-4104-86F1-4BA1FF7EC31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.3:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "D56B07D0-1D3F-495A-AD76-D866EDCAE68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.3:alpha:solaris:*:*:*:*:*",
"matchCriteriaId": "4B3E4D15-23A8-4541-BB39-C6ACB84D7999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.4:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "AD23964B-A722-4F7C-A336-61A360ADFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.4:alpha:solaris:*:*:*:*:*",
"matchCriteriaId": "D35CA8B9-00B4-44CD-B5BF-CCE276F0216E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.5:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "B9ACB8C9-5980-4789-9CCE-9805906F2DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.5:beta:solaris:*:*:*:*:*",
"matchCriteriaId": "DF9F9BEF-FC13-48BB-9E6E-68B7F5828CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "678BE4AA-6505-4A9D-9531-5A581FBA4DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6:beta:solaris:*:*:*:*:*",
"matchCriteriaId": "6D1AB580-968E-4C74-AD98-7B21FC1D8F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.1:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "E3E9D24D-A10F-4249-A39B-1C0762EEF1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.2:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "A915227E-F7E4-4A8E-8E6A-473C1FC8C8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.3:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "B708DBBE-F01F-4C1B-B88D-CFB0E2EF20EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.6a:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "35A52F08-3A3C-45BF-805E-6B3F2062D77E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7:beta:solaris:*:*:*:*:*",
"matchCriteriaId": "D667FE7B-9C1A-49D9-87C2-F7AC02F84C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.0:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "1388121F-3F5A-494C-91E9-A64B24F64B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.1:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "D49CD506-F56C-41A5-89C1-A3D43F8EB162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.2:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "56FD60B1-B834-496C-A44C-55AD27B5D025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.3:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "294BBC24-7AB9-4F03-9AF3-439333640E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.4:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "9EF76E73-830A-4116-8E91-A3EE3AB2D0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.8.1:-:solaris:*:*:*:*:*",
"matchCriteriaId": "15C42672-5DB6-4DB7-BCA6-AA6BFF06FC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.8.2:-:solaris:*:*:*:*:*",
"matchCriteriaId": "881F9C72-A00F-48DC-ACB1-864F6C780325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.9:-:solaris:*:*:*:*:*",
"matchCriteriaId": "22CF20F2-6F81-417E-A5ED-339BEFF17866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:0.9:-:windows:*:*:*:*:*",
"matchCriteriaId": "9BAEB9A5-52CA-456A-AC86-8C8A1DD796CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "B5BE1F44-BC2F-42E2-B767-AA68EF6A099C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.0.1:-:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "595B32FD-012E-4C8E-8551-9C34BA3B1F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "C94F02B3-F069-421C-969F-CB07C03691CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.2:-:linux:*:*:*:*:*",
"matchCriteriaId": "521DDEA7-67AB-4F15-B01D-B3B27323F790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "88AEFD99-5859-43B4-A063-7ACE2539799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "1FCF3544-ED63-4093-9FF8-6D935FA41DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "00D8EC46-23B9-4C8E-8BDD-B33591D9953E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4:-:linux:*:*:*:*:*",
"matchCriteriaId": "518A38DF-D65C-4413-9562-F8BCEE6A7DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "753252BB-CD66-4B66-BB2F-87443A332DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.2:-:linux:*:*:*:*:*",
"matchCriteriaId": "42A7210B-429F-4768-B500-88E4DAC38883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "9BCC1009-E28C-40B2-B12F-CF0FB653A6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "2E92F057-5D2B-48BA-8888-C24694E3F976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "FD01B77C-5899-49DB-90B2-17D37F26E3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.4:-:linux:*:*:*:*:*",
"matchCriteriaId": "692792A8-5EF6-4938-AA73-1E496E646FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "EF035291-21D1-42C9-84F7-9623AACDE2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.5:-:linux:*:*:*:*:*",
"matchCriteriaId": "6D416297-CD18-4069-8FBB-BA31D268D7BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "D80F49AC-E95E-45EF-8053-EC1B68E3B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.6:-:linux:*:*:*:*:*",
"matchCriteriaId": "D4FF050C-B90B-48C6-A159-DBBC7DF727F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.6:-:windows:*:*:*:*:*",
"matchCriteriaId": "DD43FE64-CEB5-4F9E-93D1-FD0D1183D9A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.7:-:linux:*:*:*:*:*",
"matchCriteriaId": "00D41D08-45E5-4A6F-84C1-60105950DFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.7:-:windows:*:*:*:*:*",
"matchCriteriaId": "5E428F45-0EF4-4CE6-A6E9-A6D4D649DB4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.8:-:linux:*:*:*:*:*",
"matchCriteriaId": "1C1B89C2-8900-4715-BF68-77992EC03965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.8:-:windows:*:*:*:*:*",
"matchCriteriaId": "E98A18D2-02FD-4FEC-8A95-945E216D2B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.9:-:linux:*:*:*:*:*",
"matchCriteriaId": "0F848630-852D-49CA-B503-52D128E15737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.9:-:windows:*:*:*:*:*",
"matchCriteriaId": "326D9976-BF09-41A8-9FDA-1E708913F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.10:-:linux:*:*:*:*:*",
"matchCriteriaId": "E44CFC4F-A390-4479-8900-8BFED1A4BF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.10:-:windows:*:*:*:*:*",
"matchCriteriaId": "F498C376-5DE2-4CF0-86CB-04817540196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.11:-:linux:*:*:*:*:*",
"matchCriteriaId": "A52BCC2A-E627-4953-A3BA-00344BA6D86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.11:-:windows:*:*:*:*:*",
"matchCriteriaId": "245C0C32-0D61-421B-AD96-5DDBAF3CAEC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.12:-:linux:*:*:*:*:*",
"matchCriteriaId": "3B39EA8B-5A4E-4CB2-AE1C-51698C678F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.12:-:windows:*:*:*:*:*",
"matchCriteriaId": "4ABD7A7F-933E-4801-BEC1-828D4D164D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.13:-:linux:*:*:*:*:*",
"matchCriteriaId": "19CFEB48-760D-4C7A-BF02-BEE37BCC5A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.13:-:windows:*:*:*:*:*",
"matchCriteriaId": "409EDE80-5401-4D2C-81B7-E902AF2BC05D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.14:-:linux:*:*:*:*:*",
"matchCriteriaId": "0D823D61-D4E3-46CA-8DD0-AA7165DBD625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.14:-:windows:*:*:*:*:*",
"matchCriteriaId": "DF84DEF8-FE14-4542-9F12-8E7E8B2199C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.15:-:linux:*:*:*:*:*",
"matchCriteriaId": "2169A052-897D-415B-8E64-EFF052FB4E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.15:-:windows:*:*:*:*:*",
"matchCriteriaId": "EC2D3C65-85A6-4B6F-B96A-292F01EE89C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.16:-:linux:*:*:*:*:*",
"matchCriteriaId": "513F226A-C9A6-4D6A-A9B3-A1B52B3CDFE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.16:-:windows:*:*:*:*:*",
"matchCriteriaId": "B3F8A76A-8BFF-455E-93EF-9D1D1816A628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5:-:linux:*:*:*:*:*",
"matchCriteriaId": "670147E6-4A2F-491D-96B9-15F7CE0F623E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "5E2BE53B-E413-4ADF-88E2-0E18951A29FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.1:-:linux:*:*:*:*:*",
"matchCriteriaId": "D2130A2C-5983-4F36-9D35-59BD98CD12A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "14EDDE9C-1571-4015-8D93-277DA5E71B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.2:-:linux:*:*:*:*:*",
"matchCriteriaId": "0478D781-3A56-46E2-92C7-625D36E81FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "DE908119-F86C-4C4D-B997-8FF8B4FB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "B3120206-E5DE-4068-BED4-7AF420A10848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "A6D45009-6224-4EDA-A615-BE31C4F03CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4:-:linux:*:*:*:*:*",
"matchCriteriaId": "6DF4FF2F-DC67-4A6A-9559-83132DD10BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "D35F8989-2793-4A55-8B66-E10CB3A6ABE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4a:-:linux:*:*:*:*:*",
"matchCriteriaId": "3559622C-545E-4637-8EF9-4B8D988BC2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4a:-:windows:*:*:*:*:*",
"matchCriteriaId": "FF1B3B47-903A-4FE9-ABE9-794AF765B922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5:-:linux:*:*:*:*:*",
"matchCriteriaId": "8BACDCE8-992B-4A22-9F40-19EEA0C1A786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "98BAC01C-FDDC-466A-86ED-860F63F37C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5a:-:linux:*:*:*:*:*",
"matchCriteriaId": "4B59F9AA-F1ED-49FE-8111-0EBCB0790552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6:-:linux:*:*:*:*:*",
"matchCriteriaId": "45134D13-D489-469F-9A3A-8D4BA70FB219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "5C9E3E23-8822-457A-955E-33945AF34DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.0a:-:windows:*:*:*:*:*",
"matchCriteriaId": "68D8BBFF-D1E0-46FB-82D0-D3C508225C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.1:-:linux:*:*:*:*:*",
"matchCriteriaId": "3FE71F80-806D-4DB5-8375-4D24DA1D32FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "5BEEC481-A24C-43CE-8F21-E8EDC2F85841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.2:-:linux:*:*:*:*:*",
"matchCriteriaId": "97B4524A-CBDF-4601-85F3-13681C13F610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "37A8E8F9-97EC-45B9-9045-D86CB53D828D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "4AC0109B-C81A-4CF5-83BF-4E44D3C29F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "76F1A3F2-2F18-4A0C-98D4-5202BB0E527E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3a:-:linux:*:*:*:*:*",
"matchCriteriaId": "8EE9D235-0C16-45C8-AA45-8097CB4A963A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3a:-:windows:*:*:*:*:*",
"matchCriteriaId": "C6206F6B-4469-4FFE-A6C8-C8FA261DFDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3b:-:linux:*:*:*:*:*",
"matchCriteriaId": "8C7BC6E9-1C71-4CA5-8AFD-8C93537FF9CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.4:-:linux:*:*:*:*:*",
"matchCriteriaId": "7F199E65-F2A5-47F0-B92D-8D538000D9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "89A9AC2E-4A66-4D4C-AF17-70AB3217CA81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5:-:linux:*:*:*:*:*",
"matchCriteriaId": "2A0475AF-FA3D-4A34-8542-B11E130C4E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "29C62C67-FD02-4367-BF96-1F5DFE435AB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5a:-:linux:*:*:*:*:*",
"matchCriteriaId": "8E7EBE1D-0FEC-4ADD-AB8C-D67A6CB57922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6:-:linux:*:*:*:*:*",
"matchCriteriaId": "42C6F2F6-C596-4647-B6C3-ABCEF6A7C890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6:-:windows:*:*:*:*:*",
"matchCriteriaId": "B2D29AA5-0BF4-46C6-8D6D-B584F041788E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6a:-:windows:*:*:*:*:*",
"matchCriteriaId": "0174D79A-2341-44D4-B7EA-A14A38F8AF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.7:-:linux:*:*:*:*:*",
"matchCriteriaId": "EDBC5972-7BD9-4C90-91A7-7D4811857019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.7:-:windows:*:*:*:*:*",
"matchCriteriaId": "19A397CD-815D-4207-ABDB-67D0AAD8D750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.8:-:windows:*:*:*:*:*",
"matchCriteriaId": "391FA876-2CB5-47F6-879E-F1B3C2EF058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.8a:-:linux:*:*:*:*:*",
"matchCriteriaId": "A3486C4C-995A-425C-9A57-2E2A78AACADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.7:-:linux:*:*:*:*:*",
"matchCriteriaId": "BAF988E9-F7E6-4246-A5AF-8A68BA8C300C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.7:-:windows:*:*:*:*:*",
"matchCriteriaId": "6AABB31F-4389-4D1B-80AD-2B99BCE159AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.7.1:-:linux:*:*:*:*:*",
"matchCriteriaId": "ABFA800A-38C7-4C89-BE56-11929AE7E36C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:1.7.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "2B0A5ED3-D7B5-4B7C-B84B-EF0174F7D904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apachefriends:xampp:development:-:windows:*:*:*:*:*",
"matchCriteriaId": "F007A84B-F0F1-4DE2-9256-BA0A5D84B80E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the \"lampp\" default password for the \"nobody\" account within the included ProFTPD installation, (2) a blank default password for the \"root\" account within the included MySQL installation, (3) a blank default password for the \"pma\" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with \"no contact from / to internet.\""
},
{
"lang": "es",
"value": "XAMPP instala varios paquetes con contrase\u00f1as predeterminadas no confiables, lo que facilita a los atacantes remotos obtener acceso por medio de (1) la contrase\u00f1a predeterminada \"lampp\" para la cuenta \"nobody\" dentro de la instalaci\u00f3n ProFTPD incluida, (2) una contrase\u00f1a predeterminada en blanco para la cuenta \"root\" dentro de la instalaci\u00f3n MySQL incluida, (3) una contrase\u00f1a predeterminada en blanco para la cuenta \"pma\" dentro de la instalaci\u00f3n de phpMyAdmin, y posiblemente otras contrase\u00f1as no especificadas. NOTA: esto se inform\u00f3 originalmente como un problema en DFLabs PTK, pero este problema afecta a cualquier producto que est\u00e1 instalado dentro del entorno XAMPP, y no debe ser visto como una vulnerabilidad dentro de ese producto. NOTA: DFLabs declara que PTK est\u00e1 destinado a su uso en un laboratorio sin \"no contact from / to internet\"."
}
],
"id": "CVE-2009-0919",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-16T19:30:00.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.apachefriends.org/en/faq-xampp-linux.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debianhelp.co.uk/xampp.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.apachefriends.org/en/faq-xampp-linux.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debianhelp.co.uk/xampp.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…