NFS Exported Share Information Disclosure
critical Nessus Plugin ID 11356
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
It is possible to access NFS shares on the remote host.Description
At least one of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may be able to leverage this to read (and possibly write) files on remote host.Solution
Configure NFS on the remote host so that only authorized hosts can mount its remote shares.Plugin Details
Severity: Critical
ID: 11356
File Name: nfs_mount.nasl
Version: 1.20
Type: remote
Family: RPC
Published: 3/12/2003
Updated: 9/17/2018
Dependencies: rpc_portmap.nasl, showmount.nasl
Risk Information
CVSS Score Source: CVE-1999-0554
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
Required KB Items: rpc/portmap, nfs/exportlist
Excluded KB Items: nfs/noshares
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 1/1/1985
Exploitable With
Metasploit (NFS Mount Scanner)