{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows XP Professional x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Services pour UNIX versions 2.2, 3.0 et 3.5 sur plate-forme Microsoft Windows 2000 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 pour Itanium et Microsoft Windows Server 2003 avec Service Pack 1 pour Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 1 et Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 et Microsoft Windows Server 2003 avec Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLe client Telnet permet d'\u00e9muler un terminal \u00e0 distance.  \nUne vuln\u00e9rabilit\u00e9 dans la gestion de la commande NEW-ENVIRON permet \u00e0 un\nutilisateur mal intentionn\u00e9, via un serveur Telnet malicieux, d'avoir\nacc\u00e8s \u00e0 des informations sensibles sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 iDEFENSE 06.14.05 du 14 juin 2005 :","url":"http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1205"},{"title":"Bulletin de s\u00e9curit\u00e9 iDEFENSE 06.14.05 du 14 juin 2005 :","url":"http://www.idefense.com/application/poi/display?id=260&type=vulnerabilities"}],"reference":"CERTA-2005-AVI-214","revisions":[{"description":"version initiale.","revision_date":"2005-06-15T00:00:00.000000"},{"description":"correction orthographique.","revision_date":"2005-10-06T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le client Telnet de Microsoft permet \u00e0 un\nutilisateur mal intentionn\u00e9 d'avoir acc\u00e8s \u00e0 des informations sensibles\nsur le syst\u00e8me vuln\u00e9rable.\n","title":"Vuln\u00e9rabilit\u00e9 du client Telnet Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS05-033 du 14 juin 2005","url":"http://www.microsoft.com/technet/security/bulletin/MS05-033.mspx"}]}