icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Firebird Database Server Plaintext Password

Medium

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host seems to be running a Firebird database server. This instance of the Firebird server allows the passing of confidential data over an unencrypted session. An attacker can sniff confidential data such as database name, user ID and credentials to gain elevated access to the database.

Solution

Require remote clients to use an encrypted session.