Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat would like to thank iDefense for their responsible disclosure of this issue.