ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.