When performing a full vulnerability scan against a target host, are all mounted filesystems scanned? This includes virtual or remote mount points, such as NFS mounts or SSH mounts.
During a VM scan the mount points are identified and security issues, such as anonymous
mounts enabled and information disclosure. However as a rule the scan will not recursively
scan down through mounted directories due to serious performance issues, both in target
system resources as well as scan time.
However when checking for configuration, security and patch information the scan does not
consider whether its a local, virtual or remote directory. For example the scan will look in
home directories that are located on externally mounted file systems looking for security
Retrieving data ...