NFS Shares World Readable

high Nessus Plugin ID 42256

Synopsis

The remote NFS server exports world-readable shares.

Description

The remote NFS server is exporting one or more shares without restricting access (based on hostname, IP, or IP range).

Solution

Place the appropriate restrictions on all NFS shares.

See Also

http://www.tldp.org/HOWTO/NFS-HOWTO/security.html

Plugin Details

Severity: High

ID: 42256

File Name: nfs_world_readable_shares.nasl

Version: 1.11

Type: remote

Family: RPC

Published: 10/26/2009

Updated: 5/5/2020

Risk Information

CVSS Score Rationale: Information disclosure score

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

Required KB Items: nfs/proto, nfs/share_acl

Vulnerability Publication Date: 1/1/1985