Multiple Vendor NFS CD Command Arbitrary File/Directory Access
Medium Nessus Plugin ID 11357
Synopsis
The remote service is vulnerable to information disclosure.
Description
The remote NFS server allows users to use a 'cd ..' command to access other directories besides the NFS file system.
An attacker may use this flaw to read every file on this host.
Solution
Create a dedicated partition for your NFS exports, and contact your vendor for a patch.