Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.