Multiple Vendor NFS CD Command Arbitrary File/Directory Access

medium Nessus Plugin ID 11357


The remote service is vulnerable to information disclosure.


The remote NFS server allows users to use a 'cd ..' command to access directories outside the exported NFS file system.

An attacker may use this flaw to read every file on this host.


Create a dedicated partition for your NFS exports, and contact your vendor for a patch.
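To check the first half of that advice on the NFS server itself, the following added example (not the plugin's code and not vendor tooling) reports whether each exported directory is the top of its own filesystem. It assumes Linux exports(5) syntax; the function names and the sample entries are constructed for illustration.

```python
import os
import shlex

# Constructed sample in Linux exports(5) syntax; not taken from the advisory.
SAMPLE_EXPORTS = """\
# path            client(options)
/srv/nfs/projects 192.0.2.0/24(ro,root_squash)
/                 *.example.test(ro)
"""

def parse_exports(text):
    """Return the exported directory from each entry of exports(5)-style text."""
    paths = []
    for line in text.replace("\\\n", " ").splitlines():  # join continuations
        try:
            fields = shlex.split(line, comments=True)    # drops '#' comments
        except ValueError:                               # unbalanced quote
            fields = line.split()
        if fields and fields[0].startswith("/"):
            paths.append(fields[0])
    return paths

def audit_exports(text, is_mount=os.path.ismount):
    """Classify each export: dedicated, shared, root-filesystem or missing."""
    findings = []
    for path in parse_exports(text):
        real = os.path.realpath(path)
        if not os.path.isdir(real):
            status = "missing"
        elif real == os.sep:
            status = "root-filesystem"   # the whole host tree is exported
        elif is_mount(real):
            status = "dedicated"         # export is the top of its own filesystem
        else:
            status = "shared"            # shares a filesystem with its parent
        findings.append((path, status))
    return findings

if __name__ == "__main__":
    try:
        with open("/etc/exports") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_EXPORTS            # fall back to the constructed sample
    for path, status in audit_exports(text):
        print(f"{status:16} {path}")
```

Entries reported as `shared` or `root-filesystem` are the ones to move onto a dedicated partition; a bind mount from the same filesystem is reported as `shared`, because `os.path.ismount` compares device numbers.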

Plugin Details

Severity: Medium

ID: 11357

File Name: nfs_dotdot.nasl

Version: 1.22

Type: remote

Family: RPC

Published: 3/12/2003

Updated: 8/13/2018

Risk Information


Risk Factor: Low

Score: 3.4


Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: rpc/portmap

Vulnerability Publication Date: 1/1/1991

Reference Information

CVE: CVE-1999-0166