None.
None.
No authorization check is done for the requesting client, which does not appear as a serious vulnerability, as the only data transferred is a standard Solaris bootstrap.
No authorization check is done for the supplying server, which is a potentially serious vulnerability as a rogue server could subvert the installation process.
None, which does not appear as a serious vulnerability, as the only data transferred is a standard Solaris bootstrap.
None. Initial installation is vulnerable to productive corruption attacks.
Flood attacks and corruption attacks might disrupt service.
None.