K2000 PCI Scan (/kbox/datastore/internal/tftpboot/dummy)
Our K2000 is getting flagged during a PCI scan. Has anyone had this problem? If so, what was the approach to fixing it? Thank you in advance for the help.
The following NFS shares could be mounted :
+ /kbox/datastore/internal/tftpboot/dummy
11356 (1) - NFS Exported Share Information Disclosure
Synopsis
It is possible to access NFS shares on the remote host.
Description
At least one of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may be able to leverage this to read (and possibly write) files on remote host.
Solution
Configure NFS on the remote host so that only authorized hosts can mount its remote shares.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
References
CVE | CVE-1999-0170 |
CVE | CVE-1999-0211 |
CVE | CVE-1999-0554 |
XREF | OSVDB:339 |
XREF | OSVDB:8750 |
XREF | OSVDB:11516 |
Exploitable With
Metasploit (true)
Plugin Information:
Published: 2003/03/12, Modified: 2018/02/20
Plugin Output
kace-dc (udp/2049)
The following NFS shares could be mounted :
+ /kbox/datastore/internal/tftpboot/dummy
Answers (1)
Posted by:
JasonEgg
6 years ago
I got the same alert from Qualys (our security scan system) and contacted support about it. Turns out this is required for access to PXE/Netboot. There's no unexpected high security access like "/etc/passwd" found in results, only tftpboot, so it's not a security concern for us. We also only accept PXE/Netboot from wired connections, and only from our org's IP range, so access to the share is already limited.
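To check the scanner's solution ("only authorized hosts can mount") against what the server actually advertises, the following added example (not from this thread or from the vendor) parses `showmount -e` style output and lists exports whose client list is not confined to an allowed range. The sample output, the `/example/...` paths, the client columns and the `10.20.0.0/16` range are constructed; the world-export markers (`*`, `(everyone)`, `Everyone`) are the forms commonly printed by `showmount` and are assumed here.

```python
import ipaddress

# Constructed sample of `showmount -e <host>` output; client columns are invented.
SAMPLE = """\
Export list for kace-dc:
/kbox/datastore/internal/tftpboot/dummy *
/example/restricted 10.20.0.0/16,10.20.5.7
/example/mixed 10.20.0.0/16,203.0.113.0/24
"""

# Assumed markers for "any host may mount" (compared lowercase).
WORLD = {"*", "(everyone)", "everyone"}

def parse_exports(text):
    """Return {path: [client, ...]} from showmount -e style output."""
    exports = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.lower().startswith("export list for"):
            continue
        parts = line.split(None, 1)
        # A path with no client column is treated as exported to everyone.
        clients = parts[1] if len(parts) > 1 else "(everyone)"
        exports[parts[0]] = [c.strip() for c in clients.split(",") if c.strip()]
    return exports

def audit(text, allowed_cidrs):
    """Return {path: [offending clients]} for exports not confined to allowed_cidrs."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = {}
    for path, clients in parse_exports(text).items():
        bad = []
        for client in clients:
            if client.lower() in WORLD:
                bad.append(client)
                continue
            try:
                net = ipaddress.ip_network(client, strict=False)
            except ValueError:
                bad.append(client)  # hostname or netgroup: needs manual review
                continue
            if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
                bad.append(client)
        if bad:
            findings[path] = bad
    return findings

if __name__ == "__main__":
    for path, bad in audit(SAMPLE, ["10.20.0.0/16"]).items():
        print(f"{path}: not restricted to allowed ranges -> {', '.join(bad)}")
```

This only reflects the export list the NFS server advertises; network-level restrictions such as the wired-only, org-range filtering described in the answer do not appear in it and have to be verified separately.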