This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
The remote SuSE 9 host is missing a security-related patch.
The telnet client protocol can be abused by a malicious server to read
the environment of the client site. The information can be used as
preparation for further attacks. This bug can also be exploited by
using the telnet:// URL on a web-site and letting the web-browser fork
a telnet client. This bug was reported by iDEFENSE [IDEF0865].
Note that this patch changes the behaviour of the telnet client
regarding the rule of exported environment variables. Please consult
the man page for further details.
Apply YOU patch number 10238.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now