Security Hole Found in OpenBSD
Saw this over at HNN :
The OpenBSD project is a volunteer run, cost free project aiming to produce an operating system that is both UNIX-like and multi-platform 4.4BSD-based. Considering how much emphasis OpenBSD places on security (only essential services of the system are enabled before being sent, a process they call "security by default"), it was surprising to learn they have fallen victim to the format string overflow problem. If OpenBSD, arguably the most proactively secure open source Unix operating system, contains vulnerabilities because of this problem, you can rest assured that many other OSes have more of the same. Don’t be surprised to see these format string vulnerabilities cropping up everywhere.