Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
Debian Security Advisory 678-1 - Vlad902 discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected.