In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.

Solaris ff.core allows local users to modify files.

Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.

The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.

Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.

Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address.

Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port.

Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.

XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

ftp on HP-UX 11.00 allows local users to gain privileges.

Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.

OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.

Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names.

The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.