Navigate

Check: GEN005720

VMware ESX 3 Server: GEN005720 (in version v1 r2)

Title

NFS servers must only accept NFS requests from privileged ports on client systems. (Cat II impact)

Discussion

If clients are not required to use privileged ports to get NFS services, then exported file systems may be in danger of mounting by malicious users and intruders that do not have access to privileged ports.

Check Content

Determine if the NFS service accepts requests from unprivileged ports. If it does, this is a finding.

Fix Text

Configure the system to not accept NFS requests from unprivileged ports.

Additional Identifiers

Rule ID: SV-927r2_rule

Vulnerability ID: V-28440

Group Title: GEN005720

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001465	The organization establishes terms and conditions, consistent with any trust relationships established with other organizations owning, operating, and/or maintaining external information systems, allowing authorized individuals to store organization-controlled information using the external information systems.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check