The telnet client protocol can be abused by a malicious server to read the environment of the client site. The information can be used as preparation for
further attacks. This bug can also be exploited by using the telnet:// URL on
a web-site and letting the web-browser fork a telnet client.
This bug was reported by iDEFENSE [IDEF0865].
Note that this patch changes the behaviour of the telnet client regarding the
rule of exported environment variables. Please consult the man page for further