Microsoft Security Bulletin (MS00-067) - Microsoft has released a patch for the "Windows 2000 Telnet Client NTLM Authentication" vulnerability in the telnet client that ships with Microsoft Windows 2000. The vulnerability allows a malicious user to obtain cryptographically protected NTLM logon credentials from another user by creating a HTML document that, when opened, attempts to initiate a Telnet session to a rogue telnet server. Microsoft FAQ on this issue available here. By
34c0e50c48ca898fba0caa41c3a1760910f4f14b482584bf5b5a60d7a1017fb5