Ancient telnet bug happily hands out root to attackers

A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) allows attackers to gain root access to a target system by exploiting an argument injection flaw. The bug, introduced in a May 2015 update, has been trivial to exploit and is already being targeted by attackers. Users are advised to update to the latest version of telnetd, restrict network access to the telnet port, or switch to a more secure alternative such as SSH.