Multiple Vendor NFS CD Command Arbitrary File/Directory Access

This script is Copyright (C) 2003-2017 Tenable Network Security, Inc.

Synopsis :

The remote service is vulnerable to information disclosure.

Description :

The remote NFS server allows users to use a 'cd ..' command
to access other directories besides the NFS file system.

An attacker may use this flaw to read every file on this host.

Solution :

Create a dedicated partition for your NFS exports, and contact your
vendor for a patch.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: RPC

Nessus Plugin ID: 11357 ()

Bugtraq ID:

CVE ID: CVE-1999-0166

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now