Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5731
http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1