Subject: Heimdal telnet DOS advisory
To: None <tech-security@netbsd.org>
From: Ed Ravin <eravin@panix.com>
List: tech-security
Date: 03/15/2006 15:33:56
Title: Heimdal TelnetD Denial of Service
Description: Heimdal is a free implementation of the Kerberos 5
network authentication protocol. It contains several Kerberos-enabled
network server applications. The "telnetd" program provides remote
access. It is prone to a remote denial of service vulnerability due to
a design error in the application during the initial connection to
telnetd before authentication. The resulting NULL pointer dereference
causes telnetd to crash.
Ref: http://www.us.debian.org/security/2006/dsa-977

The fix is in Heimdal 0.6.6, but NetBSD seems to still be using Heimdal 0.6.3.