Due to insufficient bounds checking on the buffer where the hostname is stored, it is possible to overwrite the internal stack space of talkd. May allow intruders to remotely execute arbitrary commands with these privileges.