Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft telnet client 5.1.2600.2180 |
||
mit kerberos 5 1.3.4 |
||
sun sunos 5.9 |