A remote login service processes usernames and passwords sent by users. It stores the credentials in fixed-size memory buffers during the authentication process. The system does not enforce strict length checks on incoming login data. An attacker sends unusually long authentication input to the service. Explain how this vulnerability could allow the attacker to bypass authentication or gain elevated privileges.