Pre-auth buffer overflow in telnetd's SLC handler, sitting in the codebase since 1994. We used Striga, our AI-driven source code auditing platform, to reproduce the exploitation path and work out the byte constraints. The writeup covers the math for GOT overwrite on 32-bit and why the same approach is probably impossible on 64-bit.
