Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote malicious users to gain root privileges.
ibm aix 4.3
ibm aix 5.1