MIT krb5's supplied telnet client is vulnerable to buffer overflows in the functions slc_add_reply() and env_opt_add(). These can be exploited by a malicious server to which the client is trying to connect.
e4c1476ad7afba11079985f9690f65b19a9f0750826a16ff4f4d3bf05f3d8da9