Oval Definition:	oval:org.mitre.oval:def:1139
Revision Date: 2005-09-21 Version: 3 Title: Telnet Client Information Disclosure Vulnerability Description: Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-0488 Platform(s): Red Hat Enterprise Linux 3 Product(s): telnet Definition Synopsis Software section Red Hat Enterprise 3 is installed AND telnet RPM earlier than 1:0.17-20.EL3.3 AND Configuration section /usr/bin/telnet is executable by any user
BACK