A vulnerability in the telnetd of GNU Inetutils allows attackers from the network to inject malicious code – without prior authentication. An update to patch the security hole is not yet available.