Sensitive Environment Variable Disclosure in Telnet Client for Windows XP, Windows Server 2003, and Windows Services for UNIX

Sensitive Environment Variable Disclosure in Telnet Client for Windows XP, Windows Server 2003, and Windows Services for UNIX

CVE-2005-1205 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

Learn more about our Cis Benchmark Audit For Server Software.