WampServer

Hello
I would like to report a vulnerability, can you please give me a point of contact as well as your publik pgp key.
Thanks

Please say anything you have to say here.

Note:

If the vulnerability is in Apache report it to the Apache team

If the vulnerability is in MYSQL report it to the MYSQL team

If the vulnerability is in PHP report it to the PHP team

As the bit of WAMPServer that is purely WAMPServer does not do anything open to vulnerabilities I doubt what you have to report is related to pure WAMPServer.


But I would very much like to hear what you think you have discovered.

Also remember that as WAMPServer is delivered with a configuration that does not allow access from anywhere other than the PC running WAMPServer, to Apache or MySQL any vulnerability you believe you have discovered is most likely to be related to configuration changes you yourself have made.

Oh and if you want to communicate privately, please send me a Private Message, as that will only be seen by me.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-



Edited 2 time(s). Last edit at 12/13/2016 06:15PM by RiggsFolly.

Hey RiggsFolly

I sent you a PM

Hello

Since you do not reply to any of my private messages I am forced to inform you one more time here in public. The vulnerability which I reported to you over two weeks ago has been acknowledged as such by MITRE and they have assigned CVE-2016-10031.

Looking forward to your answer.

Hi,

In the About.. box of Wampserver 3.0.6, there is a valid email address.
Why did not you make contact on this email address?

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hello

I have sent an email to info@ and admin@
I also wrote a ticket on your bug page: [sourceforge.net]
Wrote here on the forum and sent three private messages to RiggsFolly

Hi,

> I have sent an email to info@ and admin@
There is no evidence that these addresses are valid.

> I also wrote a ticket on your bug page: [sourceforge.net]
For me, Sourceforge is only a file repository and, in no way, a communications platform. I'll see what happens on Sourceforge roughly once every three months.
If this is so problematic and crucial for the security of Wampserver users, and since there are no details at both MITRE and Sourceforge, send me an email via the address of About.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

hello

Drop me your email here and I will forward the message I sent to RiggsFolly 2 weeks ago

Hi,

wampserver[at]otomatic[dot]net

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hi,

I think we should stop telling crap about possible vulnerabilities of Wampserver.

What you sent me as an explanation is ONLY for Apache and Mysql and is an integral part of the documentation for both applications.
These are the procedures recommended by Apache and MySQL to create the services.
So if you really think this is a vulnerability, go directly to Apache and MySQL.

Also, in total opposition to what you are telling, a Windows user who is not in an administrator session can not start the services.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Hello

Before calling it crap you should at least respect the time I spent to research and also inform you about this. I am doing that entirely on my free time, so the least you should do is show a little respect.

Second of all, this is a vulnerability because for your information starting from windows Vista Microsoft introduced UAC where user SYSTEM and Administrator are totally separate with the second having less access. You can have Admin rights however you still have to elevate your privileges to system in order to have high access.

Last but not least, the issue is not coming from Apache neither from Mysql. Is entirely coming from whoever is working as a developer there starting service applications with wrong permissions. And this is not the first time. Take a look at this reported few weeks ago by a different person:

[packetstormsecurity.com]

Hi,

I particularly love the paragraph: "====Proof-of-Concept===="

« To properly exploit this vulnerability, the local attacker must insert an executable file called mysqld.exe or httpd.exe and replace the original files. Next time service starts the malicious file will get executed as SYSTEM. »

From the moment that "someone" (an attacker) is able to replace files on a PC, we will say that it is the fault of Wampserver, even if it is not on the PC.

The only way to not be vulnerable is to leave the PC switched off permanently.
For my part, we will leave it at that.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons



Edited 1 time(s). Last edit at 12/26/2016 06:49PM by Otomatic.

Hello

Clear

Thank you for your time!