{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-03-13T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the \"lampp\" default password for the \"nobody\" account within the included ProFTPD installation, (2) a blank default password for the \"root\" account within the included MySQL installation, (3) a blank default password for the \"pma\" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with \"no contact from / to internet.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://ptk.dflabs.com/security.html"}, {"name": "ptk-default-password(49306)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.apachefriends.org/en/faq-xampp-linux.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.debianhelp.co.uk/xampp.htm"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0919", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the \"lampp\" default password for the \"nobody\" account within the included ProFTPD installation, (2) a blank default password for the \"root\" account within the included MySQL installation, (3) a blank default password for the \"pma\" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with \"no contact from / to internet.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ptk.dflabs.com/security.html", "refsource": "MISC", "url": "http://ptk.dflabs.com/security.html"}, {"name": "ptk-default-password(49306)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"}, {"name": "http://www.apachefriends.org/en/faq-xampp-linux.html", "refsource": "CONFIRM", "url": "http://www.apachefriends.org/en/faq-xampp-linux.html"}, {"name": "http://www.ibm.com/developerworks/linux/library/l-xampp/", "refsource": "MISC", "url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"}, {"name": "http://www.debianhelp.co.uk/xampp.htm", "refsource": "MISC", "url": "http://www.debianhelp.co.uk/xampp.htm"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:57:16.420Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ptk.dflabs.com/security.html"}, {"name": "ptk-default-password(49306)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.apachefriends.org/en/faq-xampp-linux.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.debianhelp.co.uk/xampp.htm"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0919", "datePublished": "2009-03-16T19:00:00.000Z", "dateReserved": "2009-03-16T00:00:00.000Z", "dateUpdated": "2024-08-07T04:57:16.420Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apachefriends:xampp:0.1:alpha:solaris:*:*:*:*:*", "matchCriteriaId": "D852C7F0-6921-44FE-A87B-A8E78A05D6EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.1:beta:mac_os_x:*:*:*:*:*", "matchCriteriaId": "78CEFFC6-417B-4411-93A8-C22681827936", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.2:alpha:solaris:*:*:*:*:*", "matchCriteriaId": "04FC6977-82E8-4742-8CFE-9EC5E5511A2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.2:beta:mac_os_x:*:*:*:*:*", "matchCriteriaId": "A2D5B075-D251-4104-86F1-4BA1FF7EC31C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.3:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "D56B07D0-1D3F-495A-AD76-D866EDCAE68B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.3:alpha:solaris:*:*:*:*:*", "matchCriteriaId": "4B3E4D15-23A8-4541-BB39-C6ACB84D7999", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.4:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "AD23964B-A722-4F7C-A336-61A360ADFA52", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.4:alpha:solaris:*:*:*:*:*", "matchCriteriaId": "D35CA8B9-00B4-44CD-B5BF-CCE276F0216E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.5:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "B9ACB8C9-5980-4789-9CCE-9805906F2DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.5:beta:solaris:*:*:*:*:*", "matchCriteriaId": "DF9F9BEF-FC13-48BB-9E6E-68B7F5828CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "678BE4AA-6505-4A9D-9531-5A581FBA4DE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6:beta:solaris:*:*:*:*:*", "matchCriteriaId": "6D1AB580-968E-4C74-AD98-7B21FC1D8F1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.1:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E3E9D24D-A10F-4249-A39B-1C0762EEF1B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.2:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "A915227E-F7E4-4A8E-8E6A-473C1FC8C8B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6.3:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "B708DBBE-F01F-4C1B-B88D-CFB0E2EF20EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.6a:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "35A52F08-3A3C-45BF-805E-6B3F2062D77E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7:beta:solaris:*:*:*:*:*", "matchCriteriaId": "D667FE7B-9C1A-49D9-87C2-F7AC02F84C9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.0:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "1388121F-3F5A-494C-91E9-A64B24F64B2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.1:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "D49CD506-F56C-41A5-89C1-A3D43F8EB162", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.2:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "56FD60B1-B834-496C-A44C-55AD27B5D025", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.3:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "294BBC24-7AB9-4F03-9AF3-439333640E0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.7.4:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "9EF76E73-830A-4116-8E91-A3EE3AB2D0B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.8.1:-:solaris:*:*:*:*:*", "matchCriteriaId": "15C42672-5DB6-4DB7-BCA6-AA6BFF06FC65", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.8.2:-:solaris:*:*:*:*:*", "matchCriteriaId": "881F9C72-A00F-48DC-ACB1-864F6C780325", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.9:-:solaris:*:*:*:*:*", "matchCriteriaId": "22CF20F2-6F81-417E-A5ED-339BEFF17866", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:0.9:-:windows:*:*:*:*:*", "matchCriteriaId": "9BAEB9A5-52CA-456A-AC86-8C8A1DD796CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.0:-:windows:*:*:*:*:*", "matchCriteriaId": "B5BE1F44-BC2F-42E2-B767-AA68EF6A099C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.0.1:-:mac_os_x:*:*:*:*:*", "matchCriteriaId": "595B32FD-012E-4C8E-8551-9C34BA3B1F77", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "C94F02B3-F069-421C-969F-CB07C03691CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.2:-:linux:*:*:*:*:*", "matchCriteriaId": "521DDEA7-67AB-4F15-B01D-B3B27323F790", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.2:-:windows:*:*:*:*:*", "matchCriteriaId": "88AEFD99-5859-43B4-A063-7ACE2539799A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.3:-:linux:*:*:*:*:*", "matchCriteriaId": "1FCF3544-ED63-4093-9FF8-6D935FA41DBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.3:-:windows:*:*:*:*:*", "matchCriteriaId": "00D8EC46-23B9-4C8E-8BDD-B33591D9953E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4:-:linux:*:*:*:*:*", "matchCriteriaId": "518A38DF-D65C-4413-9562-F8BCEE6A7DA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4:-:windows:*:*:*:*:*", "matchCriteriaId": "753252BB-CD66-4B66-BB2F-87443A332DC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.2:-:linux:*:*:*:*:*", "matchCriteriaId": "42A7210B-429F-4768-B500-88E4DAC38883", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.2:-:windows:*:*:*:*:*", "matchCriteriaId": "9BCC1009-E28C-40B2-B12F-CF0FB653A6F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.3:-:linux:*:*:*:*:*", "matchCriteriaId": "2E92F057-5D2B-48BA-8888-C24694E3F976", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.3:-:windows:*:*:*:*:*", "matchCriteriaId": "FD01B77C-5899-49DB-90B2-17D37F26E3D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.4:-:linux:*:*:*:*:*", "matchCriteriaId": "692792A8-5EF6-4938-AA73-1E496E646FDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.4:-:windows:*:*:*:*:*", "matchCriteriaId": "EF035291-21D1-42C9-84F7-9623AACDE2CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.5:-:linux:*:*:*:*:*", "matchCriteriaId": "6D416297-CD18-4069-8FBB-BA31D268D7BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.5:-:windows:*:*:*:*:*", "matchCriteriaId": "D80F49AC-E95E-45EF-8053-EC1B68E3B897", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.6:-:linux:*:*:*:*:*", "matchCriteriaId": "D4FF050C-B90B-48C6-A159-DBBC7DF727F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.6:-:windows:*:*:*:*:*", "matchCriteriaId": "DD43FE64-CEB5-4F9E-93D1-FD0D1183D9A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.7:-:linux:*:*:*:*:*", "matchCriteriaId": "00D41D08-45E5-4A6F-84C1-60105950DFBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.7:-:windows:*:*:*:*:*", "matchCriteriaId": "5E428F45-0EF4-4CE6-A6E9-A6D4D649DB4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.8:-:linux:*:*:*:*:*", "matchCriteriaId": "1C1B89C2-8900-4715-BF68-77992EC03965", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.8:-:windows:*:*:*:*:*", "matchCriteriaId": "E98A18D2-02FD-4FEC-8A95-945E216D2B06", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.9:-:linux:*:*:*:*:*", "matchCriteriaId": "0F848630-852D-49CA-B503-52D128E15737", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.9:-:windows:*:*:*:*:*", "matchCriteriaId": "326D9976-BF09-41A8-9FDA-1E708913F828", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.10:-:linux:*:*:*:*:*", "matchCriteriaId": "E44CFC4F-A390-4479-8900-8BFED1A4BF6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.10:-:windows:*:*:*:*:*", "matchCriteriaId": "F498C376-5DE2-4CF0-86CB-04817540196F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.11:-:linux:*:*:*:*:*", "matchCriteriaId": "A52BCC2A-E627-4953-A3BA-00344BA6D86F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.11:-:windows:*:*:*:*:*", "matchCriteriaId": "245C0C32-0D61-421B-AD96-5DDBAF3CAEC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.12:-:linux:*:*:*:*:*", "matchCriteriaId": "3B39EA8B-5A4E-4CB2-AE1C-51698C678F9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.12:-:windows:*:*:*:*:*", "matchCriteriaId": "4ABD7A7F-933E-4801-BEC1-828D4D164D1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.13:-:linux:*:*:*:*:*", "matchCriteriaId": "19CFEB48-760D-4C7A-BF02-BEE37BCC5A25", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.13:-:windows:*:*:*:*:*", "matchCriteriaId": "409EDE80-5401-4D2C-81B7-E902AF2BC05D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.14:-:linux:*:*:*:*:*", "matchCriteriaId": "0D823D61-D4E3-46CA-8DD0-AA7165DBD625", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.14:-:windows:*:*:*:*:*", "matchCriteriaId": "DF84DEF8-FE14-4542-9F12-8E7E8B2199C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.15:-:linux:*:*:*:*:*", "matchCriteriaId": "2169A052-897D-415B-8E64-EFF052FB4E5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.15:-:windows:*:*:*:*:*", "matchCriteriaId": "EC2D3C65-85A6-4B6F-B96A-292F01EE89C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.16:-:linux:*:*:*:*:*", "matchCriteriaId": "513F226A-C9A6-4D6A-A9B3-A1B52B3CDFE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.4.16:-:windows:*:*:*:*:*", "matchCriteriaId": "B3F8A76A-8BFF-455E-93EF-9D1D1816A628", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5:-:linux:*:*:*:*:*", "matchCriteriaId": "670147E6-4A2F-491D-96B9-15F7CE0F623E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.0:-:windows:*:*:*:*:*", "matchCriteriaId": "5E2BE53B-E413-4ADF-88E2-0E18951A29FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.1:-:linux:*:*:*:*:*", "matchCriteriaId": "D2130A2C-5983-4F36-9D35-59BD98CD12A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.1:-:windows:*:*:*:*:*", "matchCriteriaId": "14EDDE9C-1571-4015-8D93-277DA5E71B3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.2:-:linux:*:*:*:*:*", "matchCriteriaId": "0478D781-3A56-46E2-92C7-625D36E81FD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.2:-:windows:*:*:*:*:*", "matchCriteriaId": "DE908119-F86C-4C4D-B997-8FF8B4FB0F0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.3:-:linux:*:*:*:*:*", "matchCriteriaId": "B3120206-E5DE-4068-BED4-7AF420A10848", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.3:-:windows:*:*:*:*:*", "matchCriteriaId": "A6D45009-6224-4EDA-A615-BE31C4F03CA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4:-:linux:*:*:*:*:*", "matchCriteriaId": "6DF4FF2F-DC67-4A6A-9559-83132DD10BE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4:-:windows:*:*:*:*:*", "matchCriteriaId": "D35F8989-2793-4A55-8B66-E10CB3A6ABE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4a:-:linux:*:*:*:*:*", "matchCriteriaId": "3559622C-545E-4637-8EF9-4B8D988BC2BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.4a:-:windows:*:*:*:*:*", "matchCriteriaId": "FF1B3B47-903A-4FE9-ABE9-794AF765B922", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5:-:linux:*:*:*:*:*", "matchCriteriaId": "8BACDCE8-992B-4A22-9F40-19EEA0C1A786", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5:-:windows:*:*:*:*:*", "matchCriteriaId": "98BAC01C-FDDC-466A-86ED-860F63F37C73", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.5.5a:-:linux:*:*:*:*:*", "matchCriteriaId": "4B59F9AA-F1ED-49FE-8111-0EBCB0790552", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6:-:linux:*:*:*:*:*", "matchCriteriaId": "45134D13-D489-469F-9A3A-8D4BA70FB219", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.0:-:windows:*:*:*:*:*", "matchCriteriaId": "5C9E3E23-8822-457A-955E-33945AF34DD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.0a:-:windows:*:*:*:*:*", "matchCriteriaId": "68D8BBFF-D1E0-46FB-82D0-D3C508225C37", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.1:-:linux:*:*:*:*:*", "matchCriteriaId": "3FE71F80-806D-4DB5-8375-4D24DA1D32FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.1:-:windows:*:*:*:*:*", "matchCriteriaId": "5BEEC481-A24C-43CE-8F21-E8EDC2F85841", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.2:-:linux:*:*:*:*:*", "matchCriteriaId": "97B4524A-CBDF-4601-85F3-13681C13F610", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.2:-:windows:*:*:*:*:*", "matchCriteriaId": "37A8E8F9-97EC-45B9-9045-D86CB53D828D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3:-:linux:*:*:*:*:*", "matchCriteriaId": "4AC0109B-C81A-4CF5-83BF-4E44D3C29F23", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3:-:windows:*:*:*:*:*", "matchCriteriaId": "76F1A3F2-2F18-4A0C-98D4-5202BB0E527E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3a:-:linux:*:*:*:*:*", "matchCriteriaId": "8EE9D235-0C16-45C8-AA45-8097CB4A963A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3a:-:windows:*:*:*:*:*", "matchCriteriaId": "C6206F6B-4469-4FFE-A6C8-C8FA261DFDA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.3b:-:linux:*:*:*:*:*", "matchCriteriaId": "8C7BC6E9-1C71-4CA5-8AFD-8C93537FF9CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.4:-:linux:*:*:*:*:*", "matchCriteriaId": "7F199E65-F2A5-47F0-B92D-8D538000D9C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.4:-:windows:*:*:*:*:*", "matchCriteriaId": "89A9AC2E-4A66-4D4C-AF17-70AB3217CA81", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5:-:linux:*:*:*:*:*", "matchCriteriaId": "2A0475AF-FA3D-4A34-8542-B11E130C4E16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5:-:windows:*:*:*:*:*", "matchCriteriaId": "29C62C67-FD02-4367-BF96-1F5DFE435AB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.5a:-:linux:*:*:*:*:*", "matchCriteriaId": "8E7EBE1D-0FEC-4ADD-AB8C-D67A6CB57922", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6:-:linux:*:*:*:*:*", "matchCriteriaId": "42C6F2F6-C596-4647-B6C3-ABCEF6A7C890", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6:-:windows:*:*:*:*:*", "matchCriteriaId": "B2D29AA5-0BF4-46C6-8D6D-B584F041788E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.6a:-:windows:*:*:*:*:*", "matchCriteriaId": "0174D79A-2341-44D4-B7EA-A14A38F8AF5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.7:-:linux:*:*:*:*:*", "matchCriteriaId": "EDBC5972-7BD9-4C90-91A7-7D4811857019", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.7:-:windows:*:*:*:*:*", "matchCriteriaId": "19A397CD-815D-4207-ABDB-67D0AAD8D750", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.8:-:windows:*:*:*:*:*", "matchCriteriaId": "391FA876-2CB5-47F6-879E-F1B3C2EF058E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.6.8a:-:linux:*:*:*:*:*", "matchCriteriaId": "A3486C4C-995A-425C-9A57-2E2A78AACADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.7:-:linux:*:*:*:*:*", "matchCriteriaId": "BAF988E9-F7E6-4246-A5AF-8A68BA8C300C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.7:-:windows:*:*:*:*:*", "matchCriteriaId": "6AABB31F-4389-4D1B-80AD-2B99BCE159AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.7.1:-:linux:*:*:*:*:*", "matchCriteriaId": "ABFA800A-38C7-4C89-BE56-11929AE7E36C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:1.7.1:-:windows:*:*:*:*:*", "matchCriteriaId": "2B0A5ED3-D7B5-4B7C-B84B-EF0174F7D904", "vulnerable": true}, {"criteria": "cpe:2.3:a:apachefriends:xampp:development:-:windows:*:*:*:*:*", "matchCriteriaId": "F007A84B-F0F1-4DE2-9256-BA0A5D84B80E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the \"lampp\" default password for the \"nobody\" account within the included ProFTPD installation, (2) a blank default password for the \"root\" account within the included MySQL installation, (3) a blank default password for the \"pma\" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with \"no contact from / to internet.\""}, {"lang": "es", "value": "XAMPP instala varios paquetes con contrase\u00f1as predeterminadas no confiables, lo que facilita a los atacantes remotos obtener acceso por medio de (1) la contrase\u00f1a predeterminada \"lampp\" para la cuenta \"nobody\" dentro de la instalaci\u00f3n ProFTPD incluida, (2) una contrase\u00f1a predeterminada en blanco para la cuenta \"root\" dentro de la instalaci\u00f3n MySQL incluida, (3) una contrase\u00f1a predeterminada en blanco para la cuenta \"pma\" dentro de la instalaci\u00f3n de phpMyAdmin, y posiblemente otras contrase\u00f1as no especificadas. NOTA: esto se inform\u00f3 originalmente como un problema en DFLabs PTK, pero este problema afecta a cualquier producto que est\u00e1 instalado dentro del entorno XAMPP, y no debe ser visto como una vulnerabilidad dentro de ese producto. NOTA: DFLabs declara que PTK est\u00e1 destinado a su uso en un laboratorio sin \"no contact from / to internet\"."}], "id": "CVE-2009-0919", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-03-16T19:30:00.593", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://ptk.dflabs.com/security.html"}, {"source": "cve@mitre.org", "url": "http://www.apachefriends.org/en/faq-xampp-linux.html"}, {"source": "cve@mitre.org", "url": "http://www.debianhelp.co.uk/xampp.htm"}, {"source": "cve@mitre.org", "url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://ptk.dflabs.com/security.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.apachefriends.org/en/faq-xampp-linux.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debianhelp.co.uk/xampp.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ibm.com/developerworks/linux/library/l-xampp/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49306"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}