
XAMPP Vulnerability Analysis

Posted: 19. June 2007 12:56
by trinath
Hi,

I have installed xampp and tested it with the NIKTO tool for vulnerability analysis.

Here is the report generated by the nikto tool:

Code:
[root@dut1 nikto-1.36]# perl nikto.pl -host 127.0.0.1 -ssl -port 443
---------------------------------------------------------------------------
- Nikto 1.36/1.37     -     www.cirt.net
+ Target IP:       127.0.0.1
+ Target Hostname: dut1.com
+ Target Port:     443
---------------------------------------------------------------------------
+ SSL Info:        Ciphers: Enabled
                   Info:    Unknown
                   Subject: Unknown
+ Start Time:      Sat Jun  9 12:23:36 2007
---------------------------------------------------------------------------
- Scan is dependent on "Server" string which can be faked, use -g to override
+ Server: Apache/2.2.4 (Unix) DAV/2 mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.1
mod_apreq2-20051231/2.5.7 mod_perl/2.0.2 Perl/v5.8.7
- Retrieved X-Powered-By header: PHP/5.2.1
+ mod_ssl/2.2.4 appears to be outdated (current is at least 2.8.25) (may depend
on server version)
+ mod_perl/2.0.2 appears to be outdated (current is at least 5.8.0)
+ mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.1 mod_apreq2-20051231/2.5.7
mod_perl/2.0.2 Perl/v5.8.7 - mod_ssl 2.8.7 and lower are vulnerable to a remote
buffer overflow which may allow a remote shell
(difficult to exploit). CAN-2002-0082.
+ / - Redirects to /code/ , Default EMC Cellera manager server is running.
+ /cgi-bin/printenv - Apache 2.0 default script is executable and gives server
environment variables. All default scripts should be removed. It may also allow
XSS types of attacks. BID-4431. (GET)
+ /cgi-bin/test-cgi - Apache 2.0 default script is executable and reveals system
information. All default scripts should be removed. (GET)
 
+ Over 20 "Moved" messages, this may be a by-product of the server
+     answering all requests with a "302" or "301" Moved message. You should
+     manually verify your results or use the "-404" option.
+ / - TRACE option appears to allow XSS or credential theft. See
http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf for details (TRACE)
 
+ Over 20 "Moved" messages, this may be a by-product of the server
+     answering all requests with a "302" or "301" Moved message. You should
+     manually verify your results or use the "-404" option.
+ 2673 items checked - 3 item(s) found on remote host(s)
+ End Time:        Sat Jun  9 12:31:59 2007 (503 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Can anyone suggest how to fix these bugs?

Xampp is a standalone package of the latest APACHE, MYSQL, PHP. Is there any ZLAP from Apache Friends, APACHE, POSTGRESQL, PHP and latest ZEND Optimizer?

Is there any possibility to make xampp ourselves, with some other versions of Apache, MYSQL and PHP? Please help me in this regard.

Best Regards,
Trinath Somanchi

Posted: 22. June 2007 09:49
by trinath
None have answers for this.

Posted: 22. June 2007 10:06
by johnsie
A lot of those problems seem to be with the CGI-BIN and the scripts in it. You can delete those scripts. Anything in /cgi-bin can be deleted. You can even delete the CGI-BIN folder itself. Or if you don't use CGI then you can always disable CGI.
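
Added example (not part of johnsie's post or of XAMPP): a shell check for the two findings in the Nikto report that can be fixed in place, the executable default scripts `printenv` and `test-cgi` and the enabled TRACE method. The directory and config paths are parameters, and the demo tree is constructed for illustration; `TraceEnable` is Apache's own directive for switching TRACE off.

```shell
#!/bin/sh
# Added example: audit a cgi-bin directory and an Apache config file for the
# default-script and TRACE findings in the Nikto report. Paths are arguments.

# Print each default script named in the report that is still present and
# executable in the given cgi-bin directory. Returns 1 if any were found.
find_default_cgi() {
    cgi_dir=$1
    found=0
    for name in printenv test-cgi; do
        if [ -f "$cgi_dir/$name" ] && [ -x "$cgi_dir/$name" ]; then
            echo "executable default script: $cgi_dir/$name"
            found=1
        fi
    done
    return "$found"
}

# Succeeds only if the file has an uncommented "TraceEnable off" line.
# Apache treats TRACE as enabled when the directive is absent. Only the one
# file is read; configs pulled in via Include are not followed.
trace_disabled() {
    grep -Eiq '^[[:space:]]*TraceEnable[[:space:]]+off[[:space:]]*$' "$1"
}

# Constructed demo: a throwaway tree standing in for a server root.
demo() {
    root=$(mktemp -d)
    mkdir "$root/cgi-bin"
    printf '#!/bin/sh\nenv\n' > "$root/cgi-bin/printenv"
    chmod 755 "$root/cgi-bin/printenv"
    printf '# TraceEnable off\nServerTokens Prod\n' > "$root/httpd.conf"

    find_default_cgi "$root/cgi-bin" || echo "-> delete these scripts"
    trace_disabled "$root/httpd.conf" || echo "-> add 'TraceEnable off'"
    rm -rf "$root"
}
demo
```

After changing the config, restart Apache and re-run the scan to confirm both findings are gone.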

Posted: 03. July 2007 07:20
by trinath
Dear Xampp makers,

Can you please fix the vulnerabilities as described by NIKTO, so that Xampp is more secure to use?

mod_perl and mod_ssl are outdated and vulnerable.

Posted: 05. September 2008 20:43
by HeberPcL
My server has the vulnerable mod_ssl; I need to know how to make it safe.

www.PowerOT.info