After logging into the admin control panel on my raq4 server if i goto a php gage with the phpinfo command in it, it displays my servers username and password.

Here is the info it displays

HTTP_SERVER_VARS["PHP_SELF"] /vblite/admin/test.php
HTTP_SERVER_VARS["PHP_AUTH_USER"] admin
HTTP_SERVER_VARS["PHP_AUTH_PW"] mypassword (this is not my password!!)

Do you think this could be a big security bug?
Does the same happen on other servers?

IT is not a bug or a security treat...

when viewign phpinfo, php grab every variable, system var, settings, paths, etc that are set on your server, for you, your cookies accessible, etc.

You see every info that the server can have / find on you by checking a phpinfo and all the info you can find from the vars on the server itself.

If you make a page with this in it:
<?phpinfo()?>
and view it, you will not have those username & password displayed.

In brief, you have worst thing that this to worry about :)