Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 10.0.14393.5989 |