| Patch Name : |
WindowsServer2003-KB896428-x86-enu.exe |
| Patch Description : |
Security Update for Windows Server 2003 (KB896428) |
| Bulletin Id : |
MS05-033 |
| Bulletin Title : |
Vulnerability in Telnet Client Could Allow Information Disclosure (896428) |
| KnowledgeBase : | 896428 |
| Severity : |
Moderate |
| Location Path : | WindowsServer2003-KB896428-x86-enu.exe |
| Bulletin Summary: |
This update resolves a newly-discovered, privately-reported vulnerability. An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have open connections to a malicious telnet server. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
We recommend that customers consider applying the security update. |
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Jun 14, 2005 |
| CVE Id : | CAN-2005-1205 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows Server 2003 for Small Business Server | Windows Server 2003 Gold |
| Windows Server 2003, Datacenter Edition | Windows Server 2003 Gold |
| Windows Server 2003, Enterprise Edition | Windows Server 2003 Gold |
| Windows Server 2003, Standard Edition | Windows Server 2003 Gold |
| Windows Server 2003, Web Edition | Windows Server 2003 Gold |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\Telnet.exe | 5.2.3790.329 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Server 2003\SP2\KB896428 | | -2 |
|
