Multiple Vendor NFS CD Command Arbitrary File/Directory Access

Medium Nessus Plugin ID 11357

Synopsis

The remote service is vulnerable to information disclosure.

Description

The remote NFS server allows users to use a 'cd ..' command to access other directories besides the NFS file system.

An attacker may use this flaw to read every file on this host.

Solution

Create a dedicated partition for your NFS exports, and contact your vendor for a patch.

Plugin Details

Severity: Medium

ID: 11357

File Name: nfs_dotdot.nasl

Version: $Revision: 1.20 $

Type: remote

Family: RPC

Published: 2003/03/12

Modified: 2017/02/16

Dependencies: 10223, 10437

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: rpc/portmap

Vulnerability Publication Date: 1991/01/01

Reference Information

CVE: CVE-1999-0166