I just throught i'd post it on here, it has come to my attention that the following versions of openssh are vulnerable, and to my understanding, they are also installed by default on redhat 7.2 and FreeBSD 4.5. The exploit must be done by someone with an account (to my understanding heh), so you can't get remote rooted unless they have some level of access to your system, but it's still a definite threat, and this vulnerability will grant them root privaledges. I won't explain anything more about it really, no need to give script kiddies a helping hand, but if you've got the following, i would strongly recommend an upgrade:
