Telnet Invocation Vulnerability in Internet Explorer 6 and Earlier with SFU 2.0

CVE-2001-0667

Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.

Learn more about our Web Application Penetration Testing UK.