Multiple Vendor NFS CD Command Arbitrary File/Directory Access

Medium Nessus Plugin ID 11357

Synopsis

The remote service is vulnerable to information disclosure.

Description

The remote NFS server allows users to use a 'cd ..' command to access other directories besides the NFS file system.

An attacker may use this flaw to read every file on this host.

Solution

Create a dedicated partition for your NFS exports, and contact your vendor for a patch.

Plugin Details

Severity: Medium

ID: 11357

File Name: nfs_dotdot.nasl

Version: 1.22

Type: remote

Family: RPC

Published: 2003/03/12

Updated: 2018/08/13

Dependencies: 15984, 10437, 10223

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: rpc/portmap

Vulnerability Publication Date: 1991/01/01

Reference Information

CVE: CVE-1999-0166