Database Engine Ad Hoc distributed queries should be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15166 | DM6160-SQLServer9 | SV-25496r1_rule | DCFA-1 | Medium |
| Description |
|---|
| Adhoc queries allow undefined access to remote database sources. Access to untrusted databases could result in execution of malicious applications and/or a compromise of local data confidentiality and integrity. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-13818r1_chk ) |
|---|
| From the query prompt: SELECT CAST(value AS INT) 'Config_Value' FROM [master].sys.configurations WHERE name = 'ad hoc distributed queries' If the value of Config_Value is 0, this is Not a Finding. If the value of Config_Value is 1, confirm in the System Security Plan that this option is documented, required and approved by the IAO. If it is not documented, required and approved, this is a Finding. |
| Fix Text (F-19729r1_fix) |
|---|
| Authorize and document requirements for use of Ad hoc distributed queries in the System Security Plan and AIS Functional Architecture documentation. Where not authorized, disable its use. From the query prompt: EXEC SP_CONFIGURE 'show advanced options', 1 EXEC SP_CONFIGURE 'ad hoc distributed queries', 0 RECONFIGURE |