Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
MITRE description: Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. Acknowledgments: Red Hat would like to thank iDefense for their responsible disclosure of this issue.