CVE-2005-1205

Опубликовано: 14 июн. 2005

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

Ссылки

http://idefense.com/application/poi/display?id=260&type=vulnerabilities
Patch
Vendor Advisory
http://secunia.com/advisories/15690/
Patch
Vendor Advisory
http://securitytracker.com/id?1014203
http://www.kb.cert.org/vuls/id/800829
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/13940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-033
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A605
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A784
http://idefense.com/application/poi/display?id=260&type=vulnerabilities
Patch
Vendor Advisory
http://secunia.com/advisories/15690/
Patch
Vendor Advisory
http://securitytracker.com/id?1014203
http://www.kb.cert.org/vuls/id/800829
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/13940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-033
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A605
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A784

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.4124

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7rhw-9h9h-3r9c

github

почти 4 года назад