source: http://www.securityfocus.com/bid/995/info

The Pragma Systems InterAccess TelnetID Server 4.0 (Build 4) has an unchecked buffer in the code that handles login commands. Arbitrary code is capable of being executed on the InterAccess TelnetD Server if a string of over 300 characters is used as a login name.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/19755-1.exe

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/19755-2.zip
源链接

Hacking more

...