Solved

All XP functions containing 'xp_reg' should be removed

Posted on 2013-01-24
Last Modified: 2014-03-18
I ran a vulnerability scan on my Windows 2008 server with SQL 2005 server and need to fix this:

"SQL Insecure Registry Access Commands Detected
Deny access to all store procedures that allow users to read or write the system's registry.  All XP functions containing 'xp_reg' should be removed or restricted from access."

Any idea what I need to do to fix this?
Question by:355LT1

Accepted Solution

by:
Ross Turner earned 1500 total points
ID: 38813456
You could try this to find any instances of xp_reg:
-- list the xp_reg* procedures and the principals granted EXECUTE on them
use master
select o.name, user_name(p.grantee_principal_id)
from sys.system_objects o, sys.database_permissions p
where o.object_id = p.major_id and
o.name like 'xp_reg%' and p.type = 'EX'

Revoke execute permissions to registry procedures where not authorized.
From the query prompt:
revoke execute on <registry procedure name> from <user name>
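
An added example, not part of the answer above: a T-SQL query that extends the lookup to name each grantee, show how the permission was granted, and build the matching REVOKE statement for review before anything is run. The column aliases are assumptions chosen for this example, and `[_]` makes the LIKE pattern match a literal underscore rather than any single character.

```sql
-- Added example: audit EXECUTE grants on the xp_reg* extended procedures
-- and generate (not execute) the REVOKE statements that would remove them.
USE master;
GO

SELECT
    o.name        AS procedure_name,     -- e.g. an xp_reg* extended procedure
    pr.name       AS grantee,            -- user or role holding the grant
    pr.type_desc  AS grantee_type,
    p.state_desc  AS permission_state,   -- GRANT or GRANT_WITH_GRANT_OPTION
    -- Statement to review and run by hand. CASCADE is required when the
    -- permission was granted WITH GRANT OPTION (state = 'W').
    'REVOKE EXECUTE ON OBJECT::'
        + QUOTENAME(SCHEMA_NAME(o.schema_id)) + '.' + QUOTENAME(o.name)
        + ' FROM ' + QUOTENAME(pr.name)
        + CASE WHEN p.state = 'W' THEN ' CASCADE' ELSE '' END
        + ';'     AS revoke_statement
FROM sys.system_objects AS o
JOIN sys.database_permissions AS p
    ON  p.major_id = o.object_id
    AND p.class    = 1            -- object-level permission
    AND p.minor_id = 0            -- on the procedure itself, not a column
JOIN sys.database_principals AS pr
    ON  pr.principal_id = p.grantee_principal_id
WHERE o.name LIKE 'xp[_]reg%'     -- literal underscore, not a wildcard
  AND p.type  = 'EX'              -- EXECUTE
  AND p.state IN ('G', 'W')       -- active grants only; skip existing DENY rows
ORDER BY o.name, pr.name;
GO
```

Running the same query again after the reviewed statements have been applied should return no rows.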


Author Comment

by:355LT1
ID: 38813727
I executed these 5 commands in sqlcmd and there now results from 1-5

anything missing

Expert Comment

by:tnrdhdhllblly
ID: 39937936
Thanks so much! This helped tremendously.