NetBSD is prone to an overflow condition related to telnetd. The encrypt_keyid function in encrypt.c fails to properly sanitize user-supplied input resulting in an overflow. With a specially crafted keyid encryption value, a remote attacker can potentially execute arbitrary code or cause a denial of service.
Remote / Network Access
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.