* Technical Description *
Redhat has released a security patch to correct a vulnerability identified in Telnet. This flaw occurs when processing the "NEW-ENVIRON" option with a "SEND ENV_USERVAR" command, which could be exploited by remote attackers to read sensitive environment variables.
* Affected Products *
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
* Solution *
Use Red Hat Network to download and update your packages :
http://rhn.redhat.com/ * References *
http://www.frsirt.com/english/advisories/2005/0786http://rhn.redhat.com/errata/RHSA-2005-504.html
AlphaOne Technology Support Forums
Author
Logged
