A plausible symlink attack exists in networker version 6.0 in the shutdown script.
f71446ef6211d128c354e2004097b4569b81064c3ae7c06613e3f72160b90019
Attached is an exploit that crashes the Pointbase 4.6 database server that comes with the J2EE reference implementation. It is caused by fact that the Pointbase installation coming with j2ee/ri 1.4. is not equipped with an appropriate security manager, thus giving all jars implicitly all permissions. These unlimited permissions can be exploited by an attacker using jdbc to crash the jvm running the pointbase server. Further exploitations possible are information disclosure and remote command injection.
dce14b7ba6ef63416061596683c967a3e51ca10f2c1f0204a348921ccdd803ca
Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global, it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.
10dae39fc506d25c870163518f0077627ecaf939966caa0aad04678186ced065
Pablo FTP server version 1.77 allows for information disclosure by detecting whether or not a file exists outside of the FTP root directory, allow a remote attack to peruse the system at will.
30472f2da0279acae8a308c9b219bd017b1c9a745f39a30ef1595f0e3ec6872e
The Mambo Open Source web content management system allows for remote command execution as the webserver user id due to a lack of input validation.
da6f8e308f6903ca98dc9383805abc68a8004be17d4c4787d292645cd9e1a4cb