| VID |
27121 |
| Severity |
40 |
| Port |
135 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
MSSQL server uses unnecessary procedure. 'Xp_cmdshell', 'xp_subdirs', 'xp_dirtree', and 'xp_regread' are vulnerable.
* Platforms Affected:
Microsoft SQL Server |
| Recommendation |
[SQL Server Management Studio / Diagnostic Server Access / Database / Programmability / Extended Stored Procedure] Do not use [xp_cmdshell, xp_subdirs, xp_dirtree, xp_regread] |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
