Details of VAR-200506-0234

ID

VAR-200506-0234

CVE

CVE-2005-1205

TITLE

Microsoft Windows of Telnet Environment variable disclosure vulnerability in the client

Trust: 0.8

sources: JVNDB: JVNDB-2005-000382

DESCRIPTION

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Remote attackers who exploit this issue IFRAME Tag and "TELNET://" Formal URI Etc., Web Malicious via page or email Telnet By guiding the target user to connect to the server, important information on the target system, such as the user name, executable file search path, and the location of important data, may be taken. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. Attackers can retrieve any information stored in the environment of clients using the affected telnet application. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further attacks. This can be exploited to gain knowledge of the session variables for a user, who has an open connection to a malicious Telnet server. Successful exploitation requires that a user e.g. visits a malicious web site or is tricked into clicking a specially crafted link. SOLUTION: Apply patches. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2005-1205 // JVNDB: JVNDB-2005-000382 // BID: 13940 // VULMON: CVE-2005-1205 // PACKETSTORM: 37995

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows 2003 server	scope:	eq	version:	r2	Trust: 1.6
vendor:	microsoft	model:	windows 2003 server	scope:	eq	version:	web	Trust: 1.6
vendor:	microsoft	model:	windows 2003 server	scope:	eq	version:	enterprise	Trust: 1.6
vendor:	microsoft	model:	windows 2003 server	scope:	eq	version:	standard	Trust: 1.6
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	2.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	2.1	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	10 (sparc)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	10 (x86)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	7.0 (sparc)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	7.0 (x86)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	8 (sparc)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	8 (x86)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	9 (sparc)	Trust: 0.8
vendor:	sun microsystems	model:	solaris	scope:	eq	version:	9 (x86)	Trust: 0.8
vendor:	microsoft	model:	windows server 2003	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows xp	scope:	eq	version:	sp3	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	2.1 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	2.1 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	2.1 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	s u s e	model:	linux personal	scope:	eq	version:	8.2	Trust: 0.3
vendor:	microsoft	model:	windows xp home sp1	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	8.0	Trust: 0.3
vendor:	sun	model:	sunos x86	scope:	eq	version:	5.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	sun	model:	sunos	scope:	eq	version:	5.9	Trust: 0.3
vendor:	avaya	model:	s8500 r2.0.0	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	avaya	model:	s8700 r2.0.0	scope:	-	version:	-	Trust: 0.3
vendor:	mandrakesoft	model:	multi network firewall	scope:	eq	version:	2.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	sun	model:	seam	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	5.2	Trust: 0.3
vendor:	microsoft	model:	windows xp professional	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux i386	scope:	eq	version:	7.2	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	4.2	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition sp1 beta	scope:	eq	version:	20031	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	sun	model:	solaris 2.7 sparc	scope:	-	version:	-	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	10.1	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition itanium	scope:	eq	version:	20030	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition sp1	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	1.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake amd64	scope:	eq	version:	10.0	Trust: 0.3
vendor:	microsoft	model:	windows xp professional edition	scope:	eq	version:	x64	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	10.2	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux ppc	scope:	eq	version:	6.4	Trust: 0.3
vendor:	s u s e	model:	linux personal	scope:	eq	version:	9.3	Trust: 0.3
vendor:	s u s e	model:	open-enterprise-server	scope:	eq	version:	9.0	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	cosmicperl	model:	directory pro	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	3	Trust: 0.3
vendor:	mit	model:	kerberos	scope:	eq	version:	51.3.6	Trust: 0.3
vendor:	suse	model:	linux sparc	scope:	eq	version:	7.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	avaya	model:	mn100	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux ppc	scope:	eq	version:	7.3	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	ne	version:	4.5.13	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	sun	model:	seam	scope:	eq	version:	1.0.2	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	redhat	model:	advanced workstation for the itanium processor	scope:	eq	version:	2.1	Trust: 0.3
vendor:	microsoft	model:	windows xp 64-bit edition	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	s8500 r2.0.1	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	suse	model:	linux i386	scope:	eq	version:	7.0	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.03	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	6.0	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.5.12	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.5	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition itanium sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	sun	model:	seam	scope:	eq	version:	1.0	Trust: 0.3
vendor:	suse	model:	linux ppc	scope:	eq	version:	6.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition sp1 beta	scope:	eq	version:	20031	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.2	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	suse	model:	linux i386	scope:	eq	version:	8.0	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.4	Trust: 0.3
vendor:	suse	model:	linux alpha	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition sp2	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux ppc	scope:	eq	version:	7.1	Trust: 0.3
vendor:	avaya	model:	s8710 r2.0.1	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	6.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	ne	version:	4.5.13	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	3.0	Trust: 0.3
vendor:	s u s e	model:	linux personal	scope:	eq	version:	9.1	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	sun	model:	sunos x86	scope:	eq	version:	5.9	Trust: 0.3
vendor:	s u s e	model:	linux personal x86 64	scope:	eq	version:	9.3	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition itanium	scope:	eq	version:	20030	Trust: 0.3
vendor:	sun	model:	solaris 8 sparc	scope:	-	version:	-	Trust: 0.3
vendor:	s u s e	model:	linux imap server	scope:	eq	version:	1.0	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition sp1 beta	scope:	eq	version:	20031	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	ne	version:	4.7	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	6.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	sun	model:	sunos	scope:	eq	version:	5.8	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	2.1	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5.11	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	7.1	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.6.2	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition sp2	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition itanium sp1 beta	scope:	eq	version:	20031	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	8.1	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	8	Trust: 0.3
vendor:	suse	model:	linux openexchange server	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	7	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	7.1x86	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	4.4	Trust: 0.3
vendor:	suse	model:	linux alpha	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	intuity lx	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.6.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	s u s e	model:	linux enterprise server for s/390	scope:	eq	version:	9.0	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	2.8	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	3.0	Trust: 0.3
vendor:	s u s e	model:	linux personal x86 64	scope:	eq	version:	9.1	Trust: 0.3
vendor:	s u s e	model:	linux professional	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	ne	version:	4.7	Trust: 0.3
vendor:	suse	model:	linux desktop	scope:	eq	version:	1.0	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	6.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition itanium sp1 beta	scope:	eq	version:	20031	Trust: 0.3
vendor:	suse	model:	linux alpha	scope:	eq	version:	7.0	Trust: 0.3
vendor:	redhat	model:	advanced workstation for the itanium processor ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	suse	model:	linux ppc	scope:	eq	version:	7.0	Trust: 0.3
vendor:	sun	model:	solaris 8 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	2.7	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	7.2	Trust: 0.3
vendor:	sun	model:	sunos	scope:	eq	version:	5.7	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.6.3	Trust: 0.3
vendor:	avaya	model:	s8300 r2.0.0	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux i386	scope:	eq	version:	6.4	Trust: 0.3
vendor:	sgi	model:	propack sp5	scope:	eq	version:	3.0	Trust: 0.3
vendor:	s u s e	model:	linux database server	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	services for unix	scope:	eq	version:	2.2	Trust: 0.3
vendor:	microsoft	model:	windows xp professional sp1	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	7.3	Trust: 0.3
vendor:	sco	model:	unixware	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	services for unix	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	4.4.1	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	microsoft	model:	services for unix	scope:	eq	version:	3.0	Trust: 0.3
vendor:	s u s e	model:	linux professional	scope:	eq	version:	7.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	s u s e	model:	linux personal	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux as ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	s u s e	model:	linux personal	scope:	eq	version:	9.0	Trust: 0.3
vendor:	avaya	model:	s8300 r2.0.1	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	microsoft	model:	windows xp home	scope:	-	version:	-	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux as	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux as	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition sp1	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	modular messaging	scope:	eq	version:	2.0	Trust: 0.3
vendor:	s u s e	model:	linux office server	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	s8710 r2.0.0	scope:	-	version:	-	Trust: 0.3
vendor:	sgi	model:	propack sp6	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.5.11	Trust: 0.3
vendor:	s u s e	model:	suse linux school server for i386	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.6	Trust: 0.3
vendor:	f5	model:	3-dns	scope:	eq	version:	4.6.2	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	7.0	Trust: 0.3
vendor:	sun	model:	solaris 7.0 x86	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	3	Trust: 0.3
vendor:	sun	model:	solaris 9 x86 update	scope:	eq	version:	2	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	suse	model:	linux sparc	scope:	eq	version:	7.3	Trust: 0.3
vendor:	avaya	model:	s8700 r2.0.1	scope:	-	version:	-	Trust: 0.3
vendor:	s u s e	model:	linux personal x86 64	scope:	eq	version:	9.2	Trust: 0.3
vendor:	microsoft	model:	services for unix	scope:	eq	version:	3.5	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	microsoft	model:	windows xp professional sp2	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp home sp2	scope:	-	version:	-	Trust: 0.3
vendor:	s u s e	model:	suse email server iii	scope:	-	version:	-	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	2.1	Trust: 0.3
vendor:	s u s e	model:	linux personal x86 64	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	suse	model:	linux i386	scope:	eq	version:	7.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.3	Trust: 0.3
vendor:	microsoft	model:	services for unix	scope:	eq	version:	2.0	Trust: 0.3
vendor:	microsoft	model:	windows xp 64-bit edition sp1	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 9 x86	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5.12	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	6.1	Trust: 0.3
vendor:	microsoft	model:	windows xp 64-bit edition version sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	suse	model:	linux alpha	scope:	eq	version:	6.4	Trust: 0.3
vendor:	sun	model:	sunos x86	scope:	eq	version:	5.7	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	s u s e	model:	suse email server	scope:	eq	version:	3.1	Trust: 0.3
vendor:	suse	model:	linux sparc	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	s u s e	model:	linux enterprise server for s/390	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	avaya	model:	converged communications server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	sco	model:	unixware	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	9	Trust: 0.3
vendor:	avaya	model:	modular messaging	scope:	eq	version:	1.1	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	s u s e	model:	linux connectivity server	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux es ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	microsoft	model:	windows xp 64-bit edition version	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition itanium sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	10.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux as	scope:	eq	version:	2.1	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	suse	model:	linux alpha	scope:	eq	version:	6.3	Trust: 0.3
vendor:	suse	model:	linux	scope:	eq	version:	5.3	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	4.5.10	Trust: 0.3

sources: BID: 13940 // JVNDB: JVNDB-2005-000382 // NVD: CVE-2005-1205 // CNNVD: CNNVD-200506-123

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2005-1205
value:	MEDIUM
Trust: 1.8
CNNVD:	CNNVD-200506-123
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2005-1205
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2005-1205
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9

sources: VULMON: CVE-2005-1205 // JVNDB: JVNDB-2005-000382 // NVD: CVE-2005-1205 // CNNVD: CNNVD-200506-123

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1205

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200506-123

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200506-123

CONFIGURATIONS

sources: NVD: CVE-2005-1205

PATCH

title:	MS05-033	url:	http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx	Trust: 0.8
title:	krb5	url:	http://www.miraclelinux.com/support/update/data/krb5.html	Trust: 0.8
title:	RHSA-2005:562	url:	https://rhn.redhat.com/errata/rhsa-2005-562.html	Trust: 0.8
title:	RHSA-2005:504	url:	https://rhn.redhat.com/errata/rhsa-2005-504.html	Trust: 0.8
title:	101665	url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1	Trust: 0.8
title:	101671	url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1	Trust: 0.8
title:	101665	url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-3	Trust: 0.8
title:	101671	url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-3	Trust: 0.8
title:	MS05-033	url:	http://www.microsoft.com/japan/technet/security/bulletin/ms05-033.mspx	Trust: 0.8
title:	RHSA-2005:562	url:	http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-562j.html	Trust: 0.8
title:	RHSA-2005:504	url:	http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-504j.html	Trust: 0.8

sources: JVNDB: JVNDB-2005-000382

EXTERNAL IDS

db:	BID	id:	13940	Trust: 2.8
db:	NVD	id:	CVE-2005-1205	Trust: 2.8
db:	SECUNIA	id:	15690	Trust: 2.6
db:	CERT/CC	id:	VU#800829	Trust: 2.5
db:	SECTRACK	id:	1014203	Trust: 1.7
db:	JVNDB	id:	JVNDB-2005-000382	Trust: 0.8
db:	MS	id:	MS05-033	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:1132	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:784	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:605	Trust: 0.6
db:	IDEFENSE	id:	20050614 MULTIPLE VENDOR TELNET CLIENT INFORMATION DISCLOSURE VULNERABILITY	Trust: 0.6
db:	CNNVD	id:	CNNVD-200506-123	Trust: 0.6
db:	VULMON	id:	CVE-2005-1205	Trust: 0.1
db:	PACKETSTORM	id:	37995	Trust: 0.1

sources: VULMON: CVE-2005-1205 // BID: 13940 // JVNDB: JVNDB-2005-000382 // PACKETSTORM: 37995 // NVD: CVE-2005-1205 // CNNVD: CNNVD-200506-123

REFERENCES

url:	http://secunia.com/advisories/15690/	Trust: 2.6
url:	http://www.securityfocus.com/bid/13940	Trust: 2.6
url:	http://www.kb.cert.org/vuls/id/800829	Trust: 2.5
url:	http://idefense.com/application/poi/display?id=260&type=vulnerabilities	Trust: 1.8
url:	http://securitytracker.com/id?1014203	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a784	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a605	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1132	Trust: 1.1
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-033	Trust: 1.1
url:	http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1205	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1205	Trust: 0.8
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:784	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:605	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1132	Trust: 0.6
url:	http://support.avaya.com/elmodocs2/security/asa-2005-145_rhsa-2005-504.pdf	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2005-562.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2005-567.html	Trust: 0.3
url:	http://www.microsoft.com/windowsserversystem/sfu/	Trust: 0.3
url:	http://tech.f5.com/home/bigip/solutions/advisories/sol4616.html	Trust: 0.3
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1	Trust: 0.3
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1	Trust: 0.3
url:	/archive/1/402230	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=32c4e286-2c4d-491a-9e05-4ca0b055d5dc	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/1176/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/22/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=c6161d9e-1672-479e-8baf-754a64dfab47	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=7c3dd615-b82d-4520-9c3a-376283b01d5b	Trust: 0.1
url:	http://secunia.com/product/1175/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/product/16/	Trust: 0.1
url:	http://secunia.com/product/5243/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=22095e78-a559-40ea-8b65-9c727f4e752f	Trust: 0.1
url:	http://secunia.com/product/5244/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=b8ba775e-e9a7-47e9-81a9-a68a71b9faac	Trust: 0.1
url:	http://secunia.com/product/1173/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=dcc6840f-e626-4266-a63a-cddec0ec44d6	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=b281550b-8fae-4ff3-9bb7-e4ba325779b9	Trust: 0.1
url:	http://secunia.com/product/1174/	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=8eaad650-54db-44bc-ac9b-fc8a50f5a3b5	Trust: 0.1
url:	http://www.microsoft.com/downloads/details.aspx?familyid=c23a4e16-e228-4a80-a4cb-9dcef462b97a	Trust: 0.1

sources: VULMON: CVE-2005-1205 // BID: 13940 // JVNDB: JVNDB-2005-000382 // PACKETSTORM: 37995 // NVD: CVE-2005-1205 // CNNVD: CNNVD-200506-123

CREDITS

Gaël Delalleau gael.delalleau+ moz@m4x.org

Trust: 0.6

sources: CNNVD: CNNVD-200506-123

SOURCES

db:	VULMON	id:	CVE-2005-1205
db:	BID	id:	13940
db:	JVNDB	id:	JVNDB-2005-000382
db:	PACKETSTORM	id:	37995
db:	NVD	id:	CVE-2005-1205
db:	CNNVD	id:	CNNVD-200506-123

LAST UPDATE DATE

2023-12-18T11:13:25.482000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2005-1205	date:	2018-10-12T00:00:00
db:	BID	id:	13940	date:	2006-08-02T20:16:00
db:	JVNDB	id:	JVNDB-2005-000382	date:	2007-04-01T00:00:00
db:	NVD	id:	CVE-2005-1205	date:	2018-10-12T21:36:25.407
db:	CNNVD	id:	CNNVD-200506-123	date:	2012-12-26T00:00:00

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2005-1205	date:	2005-06-14T00:00:00
db:	BID	id:	13940	date:	2005-06-14T00:00:00
db:	JVNDB	id:	JVNDB-2005-000382	date:	2007-04-01T00:00:00
db:	PACKETSTORM	id:	37995	date:	2005-06-16T05:01:37
db:	NVD	id:	CVE-2005-1205	date:	2005-06-14T04:00:00
db:	CNNVD	id:	CNNVD-200506-123	date:	2005-04-21T00:00:00