[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90764-2

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Use Root-Squashing on All Exports If a filesystem is exported using root squashing, requests from root on the client are considered to be unprivileged (mapped to a user such as nobody). This provides some mild protection against remote abuse of an NFS server. Root squashing is enabled by default, and should not be disabled. Ensure that no line in '/etc/exports' contains the option 'no_root_squash'.


Parameter:


Technical Mechanism:

If the NFS server allows root access to local file systems from remote hosts, this access could be used to compromise the system. Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30453
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31176


OVAL    2
oval:org.secpod.oval:def:30453
oval:org.secpod.oval:def:31176

© SecPod Technologies