This is how tcp_wrappers works. You don't run the service (in.telnetd in your case) directly, but through in.tcpd. It's in.tcpd that listens for connections on port 23 and when there is one it looks /etc/hosts.allow, /etc/hosts.deny to see if it has to allow it. If everything is ok then it passes control to the real daemon in.telnetd.
I guess someone has installed in.tcpd at a later time (that's why it's installed in /usr/local) and had configured it wrong.
If you want to enable it make use of its "security" features of hosts.allow and hosts.deny, take a look at this