Multiple Vendor NFS CD Command Arbitrary File/Directory Access
Medium Nessus Plugin ID 11357
SynopsisThe remote service is vulnerable to information disclosure.
DescriptionThe remote NFS server allows users to use a 'cd ..' command to access other directories besides the NFS file system.
An attacker may use this flaw to read every file on this host.
SolutionCreate a dedicated partition for your NFS exports, and contact your vendor for a patch.