talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.

talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.

Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.

umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.

When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service.

Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.

64 bit Solaris 7 procfs allows local users to perform a denial of service.

Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.

The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.

In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.

A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.

The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.

Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.

Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.

Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.