Yes, you are doing something wrong if that root directory isn't part of your NFS share. Check the config of the NFS share and see where the mount point is and check the config to see if indeed you have hosed it up to allow for access to the entire box.
Ok - will check on our side and try again.

Also, needless to say, but I will anyway, did you patch this host? This is fixed via patching the bug in the deamon.
That is in part what I am checking for with this audit, the SA group does patching on these servers, but this vulnerability keeps popping up on their scans, I am trying to determine if we have a false positive, their configs are messed up, or they are missing a patch. What bothers me is that this vulnerability showed up in the ISS IS report and in NESSUS, and it's an older vulnerability, 1999 according to CVE. I will be following up with the IT managers on this one.

Typically, I only do NFS mounts to a separate disk slice but that's just me.
Agreed. When I was an SA I followed the same methodology - and only use the NFS mount when absolutely needed, made sure the exports file was correct and unmounted any NFS mount(s) as soon as the work was done.

Thanks much for the help.