NFS exports

Risk Level: Low

Check or Attack Name: nfsexp

Platforms: Unix running NFS

Description:

NFS was found to be mountable. The security of NFS relies heavily on who is allowed to mount the files that a server exports, and on whether they are exported read-only. Through NFS, an attacker can gain access to files in the export directory. Some administrators deliberately export directories to everyone so that the data is generally accessible.

Remedy:

Disable NFS if exports are not required on this host. To safely create an empty netgroup entry, type ngname (-,-,-). This is a netgroup that matches no one on no host on no NIS domain.

Note: The Windows NT fix depends on what NFS server you are running. Refer to your NFS documentation for more information.
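A defender-side check for the two properties the description names (who may mount an export, and whether it is read-only), as an added example that is not part of the original advisory. It assumes Linux exports(5) syntax, which the advisory does not specify; `audit_exports`, the sample paths and the host names are constructed for illustration.

```python
# Added example: audit export entries for the two properties the advisory names.
# Assumes Linux exports(5) syntax; other Unix NFS servers use different files.

WORLD_CLIENTS = {"", "*", "0.0.0.0/0", "::/0"}  # forms that match every host

# Constructed sample input, not taken from any real host.
SAMPLE_EXPORTS = """\
# constructed sample
/export/pub      *(ro)
/export/home     @trusted(rw) build01.example.com(ro)
/export/scratch  (rw)
/export/data     -rw 192.0.2.0/24 *(ro)
/export/legacy
"""

def audit_exports(text):
    """Return (path, client, issues) for each entry that is world-mountable or writable."""
    findings = []
    text = text.replace("\\\n", " ")          # join continuation lines
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        path, *specs = line.split()
        defaults = set()
        for spec in specs or [""]:            # a bare path has no client list: any host
            if spec.startswith("-"):          # "-opt,opt" sets defaults for later clients
                defaults = set(spec[1:].split(","))
                continue
            client, _, opts = spec.partition("(")
            explicit = set(opts.rstrip(")").split(",")) - {""}
            # exports(5) defaults to ro; per-client options win over "-" defaults
            writable = "rw" in explicit or ("rw" in defaults and "ro" not in explicit)
            issues = []
            if client in WORLD_CLIENTS:
                issues.append("mountable by any host")
            if writable:
                issues.append("exported read-write")
            if issues:
                findings.append((path, client or "<any>", issues))
    return findings

if __name__ == "__main__":
    for path, client, issues in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:16} {client:14} {', '.join(issues)}")
```

An entry restricted to a netgroup and exported read-only, such as `/srv @ngname(ro)`, produces no finding.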

References:

SunSolve Online Public Patch Access, SunSolve Online Public Patch Access, http://sunsolve.sun.com/sunsolve/pubpatches/patches.html

CERT Advisory CA-91.21, SunOS NFS Jumbo and fsirand Patches, http://www.cert.org/ftp/cert_advisories/CA-91:21.SunOS.NFS.Jumbo.and.fsirand

CERT Advisory CA-93.15, /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities, http://www.cert.org/ftp/cert_advisories/CA-93:15.SunOS.and.Solaris.vulnerabilities

CERT Advisory CA-94.02, Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability, http://www.cert.org/ftp/cert_advisories/CA-94:02.REVISED.SunOS.rpc.mountd.vulnerability

CERT Advisory CA-94.15, NFS Vulnerabilities, http://www.cert.org/ftp/cert_advisories/CA-94:15.NFS.Vulnerabilities

CERT Advisory CA-94.15, NFS Vulnerabilities, http://www.cert.org/advisories/CA-94.15.NFS.Vulnerabilities.html

CERT Advisory CA-91.21, SunOS NFS Jumbo and fsirand Patches, http://www.cert.org/advisories/CA-91.21.SunOS.NFS.Jumbo.and.fsirand.html

CERT Advisory CA-93.15, /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities, http://www.cert.org/advisories/CA-93.15.SunOS.and.Solaris.vulnerabilities.html

CERT Advisory CA-94.02, Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability, http://www.cert.org/advisories/CA-94.02.REVISED.SunOS.rpc.mountd.vulnerability.html

