The telnet proxy of the Avirt Gateway v4.2 is vulnerable to a remotely exploitable buffer overflow which allows execution of arbitrary code. Entering a String of about 510bytes at the „Ready>“ prompt will overwrite EIP.
Exploit will bind a shell to a specified port on the attacked host.

Read proof of concept at