FreeBSD : FreeBSD -- Incorrect privilege validation in the NFS server (e5d2442d-5e76-11e6-a6c3-14dae9d210b8)
Medium Nessus Plugin ID 92834
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionProblem Description :
The kernel incorrectly uses client supplied credentials instead of the one configured in exports(5) when filling out the anonymous credential for a NFS export, when -network or -host restrictions are used at the same time.
The remote client may supply privileged credentials (e.g. the root user) when accessing a file under the NFS share, which will bypass the normal access checks.
SolutionUpdate the affected packages.