huge webdav security hole in xampp / xampp lite
|
31.12.2010 |
| xampp and xampp lite - even in the newest version come with webdav enabled and a default password being set, this is a huge security flaw, since anybody can easily upload malicious files to the server and even execute them trough php, so either disable webdav if you do not need it, or change the user in x:/xampp/security/webdav.htpasswd I have no idea why they do that, and even in their security settings they do not show it as a security flaw, which it obviously is, as it is basically the same as leaving an ftp open to anonymous write access. text added. |
|
 |
|
|
this site was rendered in 0.17241 seconds with a total # of 22 167 882 sites so far.
676048 of which came from registered users. Impressum @ u2.hax.at |