High Severity Vulnerabilities
111.5K CVEs classified as high severity
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
Denial of service in Samba NETBIOS name service daemon (nmbd).
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
Buffer overflow in Solaris dtprintinfo program.
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol.
Buffer overflow in AIX ftpd in the libc library.
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file.
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.