Summary
The remote database service has an account with a blank password.
Description :
The remote Sybase SQL server has the default 'sa' account enabled without any password.
An attacker may use this flaw to execute commands against the remote host as well as read database content.
Solution
Either disable this account or set a password for it.
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities-01 Feb15 (Windows)
- Oracle Database Server Multiple Vulnerabilities - Oct 06
- MySQL Server Buffer Overflow Vulnerability (Linux)
- IBM DB2 Administration Server (DAS) Buffer Overflow Vulnerability
- Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)