Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.

FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.

NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.

Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.

Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.

Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.

Buffer overflow in Samba smbd program via a malformed message command.

Denial of service in Samba NETBIOS name service daemon (nmbd).

Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".

Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.

The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.

Buffer overflow in Solaris dtprintinfo program.

Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.