Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.