Buffer overflow in listserv allows arbitrary command execution.

Denial of service in talk program allows remote attackers to disrupt a user's display.

Denial of service in Qmail through long SMTP commands.

Windows NT RSHSVC program allows remote users to execute arbitrary commands.

A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.

HP Remote Watch allows a remote user to gain root access.

Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".

Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.

Linux cfingerd could be exploited to gain root access.

Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.

Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.

Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.

php.cgi allows attackers to read any file on the system.

Remote execution of arbitrary commands through Guestbook CGI program.

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.

Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.

Bash treats any character with a value of 255 as a command separator.

IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.