CVE-2004-2306

Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.

CVE-2002-2089

Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.