Exploits: SunOS / Solaris
solarisximp40.c solaris ximp40 library package is vulnerable to an exploit that could escalate an attackers privelages.
linuxreplytomail_xpl.txt the linux and solaris mail client has a buffer over flow in the 'reply to:' field.
solaris7mail_xpl.c solaris 7’s mail client with the –m option doesn’t properly check input, and is vulnerable to an exploit that executes arbitrary commands. Here’s the c kode you need.
solaris_replytomail_xpl.c the reply-to field of an email can contain specially formatted characters that /usr/bin/mail will parse, executing arbitrary commands.