Attackers can do a denial of service of IRC by crashing the server.

Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.

Livingston portmaster machines could be rebooted via a series of commands.

Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.

Denial of service of inetd on Linux through SYN and RST packets.

Routed allows attackers to append data to files.

Denial of service by sending forged ICMP unreachable packets.

libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.

Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.

Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.

Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

The SunView (SunTools) selection_svc facility allows remote users to read files.

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.

MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.

Denial of service in Sendmail 8.6.11 and 8.6.12.

Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.

A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.