NFS Improper UID & NFS Exported Share Read Access

Posted on 2016-11-02
Last Modified: 2016-11-18
These 2 items show up on my vulnerability scan of my HP Laser Jet p3015

Can someone please explain them to me  and if they can be shut off
Question by:syarmush
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 62

Expert Comment

ID: 41875644
What items?

Author Comment

ID: 41877466
NFS Improper UID & NFS Exported Share Read Access
LVL 62

Expert Comment

ID: 41877597
Can you post them one per paragraph with full text of finding/test?
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.


Author Comment

ID: 41877897
The remote system is running an NFS server which is configured
in such a way that it allows unauthenticated users to manipulate
the file system using unverified credentials. This can be
accomplished by spoofing the user ID (UID) and group ID (GID)
values in NFS RPC call packets.
An unauthenticated network-based attacker can leverage this
misconfiguration issue to access and modify sensitive files that
are present on the remote system with super user privileges. This
level of access typically results in a complete compromise of the
vulnerable system.
Solution: If the NFS service is not necessary or is not being used, disable
the service. Alternatively, if the service is relied on, the issue may
be resolved either by implementing an authentication scheme
LVL 62

Accepted Solution

gheist earned 500 total points
ID: 41882834
Easiest would be to disable NFS server (telnet to IP of JetDirect, type 'help', and look for disabling NFS printing)

Author Comment

ID: 41890574
what is NFS printing?
LVL 62

Expert Comment

ID: 41893382
Some non-standard HP protocol. Probably you upload text files and images and printer prints them...

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
In an interesting question ( here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question