Discovered by: Kingcope
This mindblowingly simple vulnerability does not require any special hacking tools or shellcode. It can be exploited with nothing more than a standard telnet client and leads to instant root on Solaris 10 and 11. The best part is that the exact same vulnerability was reported to Bugtraq back in 1994. For more details see the original advisory and detailed analysis of the bug.