Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Telnet_client | Microsoft | 5.1.2600.2180 | 5.1.2600.2180 |
Kerberos_5 | Mit | 1.3.4 | 1.3.4 |