Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
http://www.securityfocus.com/bid/219
http://www.iss.net/security_center/static/7535.php
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/148