In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

NetBSD netstat command allows local users to access kernel memory.

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.

Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.

The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.

nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets.

WS_FTP server remote denial of service through cwd command.

SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.

ACC Tigris allows public access without a login.

IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.

Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.

The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.

FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.

Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.

Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.

A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.

Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.