SuSE9 Security Update : telnet (YOU Patch Number 10238)

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 9 host is missing a security-related patch.

Description :

The telnet client protocol can be abused by a malicious server to read
the environment of the client site. The information can be used as
preparation for further attacks. This bug can also be exploited by
using the telnet:// URL on a web-site and letting the web-browser fork
a telnet client. This bug was reported by iDEFENSE [IDEF0865].

Note that this patch changes the behaviour of the telnet client
regarding the rule of exported environment variables. Please consult
the man page for further details.

Solution :

Apply YOU patch number 10238.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 41074 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now