Short version.
For many versions and configurations just pressing backspace 28 times and enter instead of password you get rescue shell (with consequences if you have bad intentions).
Longer version
Pressing backspace without proper string length check cause stack damage. If you press it enough same happens with return address.
As result CPU jumps to 0 address (IVT table) after pressing enter.
This cause memory copy that repeats few times. In result we will get to retw instruction that will cause jump to address of rescue shell.
Very long version at http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
It looks like you're new here. If you want to get involved, click one of these buttons!