High Severity Vulnerabilities
111.5K CVEs classified as high severity
A buffer overflow in lsof allows local users to obtain root privilege.
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the att...
The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext.
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Buffer overflow in Dosemu Slang library in Linux.
Buffer overflow in the bootp server in the Debian Linux netstd package.
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
ACC Tigris allows public access without a login.
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging.
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.