Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Firebird Database Client Plaintext Password

Medium

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host appears to be running a Firebird database client. This instance of the Firebird client allows the passing of confidential data over an unencrypted session. Given this, an attacker can sniff confidential data such as database name, user ID, or credentials to gain elevated access to the database.

Solution

Require remote clients to use an encrypted session.