The remote database service has an account with a blank password. Description : The remote Sybase SQL server has the default 'sa' account enabled without any password. An attacker may use this flaw to execute commands against the remote host as well as read database content.
Either disable this account or set a password for it.
- IBM DB2 UDB Multiple Unspecified Vulnerabilities (Linux)
- Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
- Oracle Database Server Multiple Vulnerabilities - July 06
- IBM DB2 SQL/PSM Stored Procedure Debugging Buffer Overflow Vulnerability (Linux)
- Oracle MySQL Multiple Unspecified vulnerabilities-02 Oct14 (Windows)