The remote database service has an account with a blank password. Description : The remote Sybase SQL server has the default 'sa' account enabled without any password. An attacker may use this flaw to execute commands against the remote host as well as read database content.
Either disable this account or set a password for it.
- IBM DB2 UTL_FILE Module Directory Traversal Vulnerability (Windows)
- Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
- Oracle Database Server Multiple Unspecified Vulnerabilities
- IBM DB2 Multiple Vulnerabilities (Oct10)
- Oracle Database Server Upgrade and Downgrade Component Multiple Vulnerabilities