EMC Data Domain Insecure NFS loading Option Vulnerability (CVE-2016-0911)
EMC Data Domain Insecure NFS loading Option Vulnerability (CVE-2016-0911)
Release date:
Updated on:
Affected Systems:
EMC Data Domain OS 5.7
EMC Data Domain OS 5.6
EMC Data Domain OS 5.5
EMC Data Domain OS 5.4
Description:
CVE (CAN) ID: CVE-2016-0911
The EMC Data Domain system is a Data protection storage solution.
EMC Data Domain 5.4, 5.5, 5.6, and 5.7 have security vulnerabilities that allow administrators to create NFS export. By default, no_root_squash can also load NFS export on the client as root.
<* Source: EMC
Link: http://www.securityfocus.com/archive/1/538642/30/0/threaded
*>
Suggestion:
Vendor patch:
EMC
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://support.emc.com/downloads/32697_DD-OS
This article permanently updates the link address: