CVE-2005-0488

BSD-based Telnet Clients - Info Disclosure

Title source: llm

Description

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

References (19)

Core 19

Core References

Mailing List vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-504.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014203

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13940

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/3101

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21253

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/800829

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/19289

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-562.html

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA06-214A.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11373

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1139

Vendor Advisory third-party-advisory x_refsource_idefense

http://idefense.com/application/poi/display?id=260&type=vulnerabilities

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17135

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2005_16_sr.html

Scores

EPSS 0.1168

EPSS Percentile 93.8%

Details

Status published

Products (3)

microsoft/telnet_client 5.1.2600.2180

mit/kerberos_5 1.3.4

sun/sunos 5.9

Published Jun 14, 2005

Tracked Since Feb 18, 2026