The open-source FreeBSD operating system contains all twenty years a large vulnerability in the telnet server, allowing remote root access can be obtained. The bug is also in Mac OS X and Linux distros.
FreeBSD developers have announced the vulnerability just before the kerstweekend and have updates released to fix the problem.
According to the developers, they were forced to do so because the bug is active in the wild is abused. The bug in the telnet daemon allows remote root access to a server to get.
The impact of the problem is probably, because the use of telnet for years, it is not recommended: ssh is much more reliable. What is striking is that the bug has been twenty years in the software, and thus was abuse when telnet still was prevalent. Only in 2001 was to telnet in FreeBSD by default.
Thexploit writes that it is a buffer overflow vulnerability, where software the maximum length of a string does not correctly check. An attacker can therefore own add code, and in this case, root access.
Possible is also Mac OS X is vulnerable if the telnet daemon is enabled: from the source code of the telnet client that Apple in accordance with the license terms online, it appears that this same code contains. Also the Debian-implementation of the telnet daemon was vulnerable, but only if the Kerberos protocol was used. Debian is like FreeBSD is used a lot in servers and Ubuntu is Debian-based.