> Sorry, I've missed. Database explorer logins to server with backdoor
> username/password OK. But, this user seems to have permissions
> only to create new objects, but not read data if no grants for

public

> where enabled in database.

Which means you can connect to the ISC4.GDB and read the USERS table,
including encrypted copies of all the passwords. From there it is, at
worst, a short brute force trip to resolve the password of any user.

Remember that IB passwords are restricted to 8 character significance
which makes cracking well within the scope of modern hacker tools.
Remember also that the location of the ISC4 database is generally
known (or can be retrieved via the IB6 services), so unlike most
databases the ISC4 database is easy to find on remote servers.

The moral: Dont let this lack of access lull you into thinking the
problem is not serious!

Geoff Worboys
Telesis Computing