MediumCheck or Attack Name: nfsrhosts
A directory on an exported file system has been detected as writable. Via NFS, this condition can lead to attackers gaining access to the machine by modifying certain files.
Note: This issue does not indicate that the export is read-writable, but that the directory on the file system has write permission.
Verify that these files and export directories are not accessible by unauthorized hosts through proper NFS export lists. For more information, see your NFS documentation.
For specific patch IDs, see the appropriate CERT Advisory listed in the References.
CERT Advisory CA-91.21, SunOS NFS Jumbo and fsirand Patches, http://www.cert.org/ftp/cert_advisories/CA-91:21.SunOS.NFS.Jumbo.and.fsirand
CERT Advisory CA-92.15, Multiple SunOS Vulnerabilities Patched, http://www.cert.org/ftp/cert_advisories/CA-92:15.Multiple.SunOS.vulnerabilities.patched
CERT Advisory CA-93.15, /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities, http://www.cert.org/ftp/cert_advisories/CA-93:15.SunOS.and.Solaris.vulnerabilities
CERT Advisory CA-94.02, Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability, http://www.cert.org/ftp/cert_advisories/CA-94:02.REVISED.SunOS.rpc.mountd.vulnerability
CERT Advisory CA-94.15, NFS Vulnerabilities, http://www.cert.org/ftp/cert_advisories/CA-94:15.NFS.Vulnerabilities
SunOS/Solaris Patch ID 100173-13, SunOS 4.1.3: NFS Jumbo Patch (191274 bytes), http://sunsolve.sun.com/sunsolve/pubpatches/patches.html
