Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection.
The flaw is caused due to a boundary error within the "encrypt_keyid()" function (libtelnet/encrypt.c). This can be exploited to cause a buffer overflow via a long encryption key.
Apply the vendor supplied patch for the target system or update FreeBSD/krb5.
This exploit has been tested against telnetd on FreeBSD 8.0, FreeBSD 8.2, NetBSD 5.1 and Debian 6.0.2 Heimdal Server 1.5.
Linux / Debian