Kyu Neushwaistein discovered that telnetd in Inetutils incorrectly handled certain environment variables. A remote attacker could use this issue to bypass authentication and open a session as an administrator.
2:2.2-2ubuntu0.22:2.5-3ubuntu4.12:2.6-1ubuntu3.1