In versions of the PHP 3 packages before version 3.0.17, several formatstring bugs could allow properly crafted requests to execute code as theuser running PHP scripts on the web server, particularly if error loggingwas enabled.
Comment
libpam-smb contains a buffer overflow that can be used to execute arbitrary commands with root privilege.
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
A format string bug was recently discovered in screen which can be used to gain elevated privilages if screen is setuid.
Multiple security problems and a gpmctl vulnerability exists.