snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local malicious users to modify the host's configuration.
sco openserver 5.0.5