1999 CVE Vulnerabilities
1.5K security vulnerabilities discovered in 1999
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka Syst...
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which ma...
The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing.
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dang...
AnyForm CGI remote execution.
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
Solaris ufsrestore buffer overflow.
Buffer overflow in xlock program allows local users to execute commands as root.
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
Root privileges via buffer overflow in ordist command on SGI IRIX systems.
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that...
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force att...
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing m...
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
IRIX fam service allows an attacker to obtain a list of all files on the server.
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.