i need to install a mysql server on my windows machine to run a local database. does anyone know if this thing poses a vulnerability?
+1
A:
when you first install MySQL it only allows local users to access the DB, so I don't see any vulnerabilities.
Phill Pafford
2009-08-28 18:54:38
+1
A:
"...XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal. "
Here a list of missing security in XAMPP:
* The MySQL administrator (root) has no password.
* The MySQL daemon is accessible via network.
* phpMyAdmin is accessible via network.
* The XAMPP demopage is accessible via network.
* The default users of Mercury and FileZilla are known.
Read this for more: http://www.apachefriends.org/en/xampp-windows.html#1221
Nick
2009-08-28 19:13:04