CVE-2005-0488 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-0488
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0488

Description: Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

CVE Status: Candidate

References: SUSE http://www.novell.com/linux/security/advisories/2005_16_sr.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 ST 1014203 SAID Secunia Advisory: SA17135 Secunia Advisory: SA21253 REDHAT http://www.redhat.com/support/errata/RHSA-2005-562.html http://www.redhat.com/support/errata/RHSA-2005-504.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1139 IDEFENSE http://idefense.com/application/poi/display?id=260&type=vulnerabilities CERT-VN 800829 CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BID 13940 19289 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Return to the previous page.