oval:org.mitre.oval:def:1139

Definition Id: oval:org.mitre.oval:def:1139

Oval ID:	oval:org.mitre.oval:def:1139
Title:	Telnet Client Information Disclosure Vulnerability
Description:	Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-0488	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	telnet
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND telnet RPM earlier than 1:0.17-20.EL3.3 AND Configuration section /usr/bin/telnet is executable by any user