GEN:SID 1:711
Message TELNET SGI telnetd format bug
Summary This event is generated when an attempt is made to exploit a flaw in SGI IRIX's telnetd.
Impact Serious. Arbitrary code execution. Possible remote root compromise of
the host.
Detailed Information When setting one of the _RDL environment variables, IRIX's telnetd logs
the information via syslog. When telnetd calls syslog, it is possible to
manipulate the variable to overwrite values on the stack so that code
given is executed as the user telnetd is run as, typically root.
Affected Systems SGI IRIX versions 6.2 to 6.5.8
    SGI IRIX versions 5.2 to 6.1 with patches 1010 and 1020.
Attack Scenarios An attacker can gain a root shell with this attack.
Ease of Attack Simple. Exploit code exisits and is readily available.
Corrective Action Apply patch from SGI.
Additional References Arachnids:
http://www.whitehats.com/info/IDS304

Bugtraq:
http://www.securityfocus.com/bid/1572
Rule References arachnids: 304
bugtraq: 1572
cve: 2000-0733