[OWASP-Malaysia] WebDAV Vulnerability Secure Your Xampp Installation

Harisfazillah Jamel linuxmalaysia at gmail.com
Wed Jun 22 22:34:15 EDT 2011


Attack on Webdev Xampp

XAMPP WebDAV vulnerability example in this OWASP slide - Web attack in the wild.

https://www.owasp.org/index.php/Spain/Meetings (Sepanyol lah pulak)

Slide download :-

https://www.owasp.org/images/a/a7/Web_attacks_in_the_wild_-_ap.pdf

This is XAMPP latest vulnerability.

http://www.apachefriends.org/f/viewtopic.php?f=16&t=43824

http://www.apachefriends.org/f/viewtopic.php?f=16&t=44140

Please patch annd secure your XAMPP installation

http://www.apachefriends.org/en/xampp-windows.html#1221

As mentioned  at another place, XAMPP is not meant for production use
but only for developers in a development environment. XAMPP is
configured is to be as open as possible and to allow the web developer
anything he/she wants. For development environments this is great but
in a production environment it could be fatal.


More information about the OWASP-Malaysia mailing list