The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

Teardrop IP denial of service.

A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.