GEN:SID 1:505
Message MISC Insecure TIMBUKTU Password
Summary This event is generated when an attempt is made to login to a Timbuktu server using an unencrypted link.
Impact Serious. Unauthorized access to the server.
Detailed Information Looks at the initial hex code of a Timbuktu client login and captures the login and password  combination.

This is a poor security practice over the open internet and on untrusted network links. This is a  Timbuktu login going over plaintext to the Timbuktu server.

That means that anyone sniffing the wire can now use the login and password used to gain access to  the Timbuktu server.
Affected Systems Windows all versions
    Mac OS 7.5.3 and later
Attack Scenarios  
Ease of Attack Simple.
Corrective Action Use Timbuktu over encrypted links or only on local LANs
Additional References  
Rule References arachnids: 229