SNMP access, unauthenticated telnet (TCP/21) and rlogin (TCP/513) access.
vulners.com/securityvulns/securityvulns:doc:10263