Today surfing on the web I’ve read something about MAMPU that means Malaysia Administrative Modernisation and Management Planning Unit. Under the “principal” domain ( you might find another sub domain called SSO I really have no idea about it and I really have no idea what has been written on the project’s home page. What I wanna point out is the incredible error which come out during a normal GET request on the site . Here it is !

The MySQL server runs on localhost and the root password is not used ! That means the server’s administrator had not well-configured the machine, probably the internal SQL server could run an AF_UNIX socket opened to external communications. If it’s true everybody can access to the DataBase. 
I’m scared about these kind of system’s administrators.

One thought on “ MAMPU’s SSO With No Password. ”

Comments are closed.