Vulnerabilities used for direct root compromise
Four that are currently most common
- rpc.cmsd (up to and including 2.7)
- rpc.ttdbserverd (up to and including 2.6)
- statd (up to and including 2.6)
- sadmind (up to and including 2.7)
Other possibilities
- snmpdx (up to and including 2.6)
- named -- inverse query issue (up to and including 2.6)
- rpc.nisd (up to and including 2.6)
- pcnfsd (in Intranet Extensions, not in standard install)
details at http://sunsolve.sun.com/pub-cgi/secBulletin.pl