Upstream information
Description
A superfluous NFS server is running, but it is not importing or exporting any file systems.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having critical severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 10 |
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Note from the SUSE Security Team
This CVE is reported by scanners seeing a NFS RPC service (port 2049) where no shares are exported. You can verify this with 'showmount -e HOSTNAME'. It is not a security issue, more a configuration issue. Check if the NFS server is disabled on the remote machine if it is not in use. SUSE Bugzilla entry: 944135 [RESOLVED / INVALID] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Thu Jun 27 23:21:01 2013CVE page last modified: Thu Jul 13 11:15:08 2023