What I’m asking is if there have ever been any vulnerabilities of the following kind, especially recently, and if so how many or how common they have been.
- Must be present in the OS/distro in its default configuration. For example, a vulnerability in Photoshop doesn’t count, because Photoshop isn’t installed by default in any OS that I know of.
- Must be exploitable from the network (either from LAN or WAN, it doesn’t matter, all it matters is that no physical access should be required).
- Must be a zero-click flaw, so user interaction should not be required at all. Not even triggered by social engineering: the OS should be able to be compromised just because it’s running and connected to a network, with nobody at the keyboard).
- Must be in a relatively popular OS/distro, so "Rare Distro Linux" or "Temple OS" don’t count. I’m interested in Linux-based or Linux-related environments, but if you also have examples from other areas you can mention them for completeness (I think some WinXP release would qualify but I’m not sure).