Oval Definition:	oval:org.mitre.oval:def:784
Revision Date: 2011-05-23 Version: 43 Title: Windows 2000 Telnet Environment Disclosure Vulnerability Description: The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-1205 Platform(s): Microsoft Windows 2000 Product(s): Services for UNIX Definition Synopsis Windows 2000 is installed AND NOT the patch KB896428 for Services for UNIX is installed AND Services for UNIX is installed and a vulnerable version of telnet.exe exists Services for UNIX version 2.2 and telnet.exe version less than 5.3000.2073.13 the version of telnet.exe is less than 5.3000.2073.13 AND the software Services for UNIX is installed and the version is 2.2 OR Services for UNIX version 3.0 and telnet.exe version less than 7.0.1701.44 the software Services for UNIX is installed and the version is 3.0 AND the version of telnet.exe is less than 7.0.1701.44 OR Services for UNIX version 3.5 and telnet.exe version less than 8.0.1969.33 the software Services for UNIX is installed and the version is 3.5 AND the version of telnet.exe is less than 8.0.1969.33
BACK