| VID |
14248 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The ALTIBASE's password complexity setting of the remote host is not secure.
If password complexity is not secure, an attacker can obtain a password through a brute force attack.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Solution 1. Change Password Policy for Each User
1.1 Confirm Password Policy Setting
select * from system_.sys_users_;
1.2 Setting Password Policy for the Following Properties
PASSWORD_VERIFY_FUNCTION
¡Ø Use the following command to apply the policy.
ALTER USER username LIMIT (property number);
example) ALTER USER TESTUSER LIMIT
(PASSWORD_VERIFY_FUNCTION [function_name]);
Solution 2. ALTIBASE HDB Property File
Change $ALTIBASE_HOME/conf/altibase.properties |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
