August 10, 2010 at 5:11 pm
We are using a third party tool to find out all the vulnerabilities.
It is showing a high-risk vulnerability in our SQL 2005 Cluster prod server.
Description: Permission to execute the registry extended stored procedures have been granted to a user or group.
Workaround:
USE master
GO
REVOKE EXECUTE ON [xp_regread] FROM public
GO
USE master
GO
REVOKE EXECUTE ON [xp_instance_regread] FROM public
GO
My question is: if we remove public permissions, will any serious problems occur at the SQL Server end or in the application?
August 10, 2010 at 11:09 pm
You may revoke it. Please make sure that there are no applications making use of this procedure through the public role.
Pradeep Adiga
Blog: sqldbadiaries.com
Twitter: @pradeepadiga
August 12, 2010 at 7:24 am
Adiga (8/10/2010)
You may revoke it. Please make sure that there are no applications making use of this procedure through the public role.
Thanks for your reply.
All applications (websites, Windows services) use Windows authentication to connect to the SQL Server. A Windows account with the same username and password is created on the web server and also on the database server. We are using this mirrored account approach.
How can we make sure whether any application is using xp_regread through the public role?
Thank you.
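One way to approach the question above, as an added example that is not part of the original thread: the first query lists every principal that holds EXECUTE on the two registry procedures in master, and the second searches a database's stored modules for references to them. `YourAppDatabase` is a placeholder name; the catalog views used exist in SQL Server 2005.

```sql
-- Added example (read-only queries); not from the original posters.
USE master;
GO
-- 1) Which principals hold EXECUTE on the registry procedures?
--    A row with grantee = 'public' is what the scanner reported.
--    Run again after the REVOKE to confirm the row is gone.
SELECT o.name            AS procedure_name,
       pr.name           AS grantee,
       pr.type_desc      AS grantee_type,
       pe.permission_name,
       pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.all_objects          AS o  ON o.object_id     = pe.major_id
JOIN sys.database_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE pe.class = 1   -- object-level permissions
  AND o.name IN (N'xp_regread', N'xp_instance_regread')
ORDER BY o.name, pr.name;
GO

-- 2) Which procedures, functions, views or triggers in an application
--    database call the registry procedures? Repeat per database.
USE YourAppDatabase;   -- placeholder: replace with each application database
GO
SELECT s.name AS schema_name,
       o.name AS object_name,
       o.type_desc
FROM sys.sql_modules AS m
JOIN sys.objects     AS o ON o.object_id = m.object_id
JOIN sys.schemas     AS s ON s.schema_id = o.schema_id
WHERE m.definition LIKE N'%xp[_]regread%'            -- [_] matches a literal underscore
   OR m.definition LIKE N'%xp[_]instance[_]regread%'
ORDER BY s.name, o.name;
-- Modules created WITH ENCRYPTION have a NULL definition and are not matched.
GO
```

These queries cover grants and stored code only; calls sent as ad hoc batches by an application do not appear in them and would need a trace of the running workload or a test of the revoke in a non-production copy.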