Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.

Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet.

Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.

Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.

System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.

HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.

An account on a router, firewall, or other network device has a guessable password.

Nestea variation of teardrop IP fragmentation denial of service.

Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.

inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.

Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.

ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.

ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.

Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.

UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.

A Unix account has a default, null, blank, or missing password.

Linux bdash game has a buffer overflow that allows local users to gain root access.