Vulnerability In SSH1
Bindview released an advisory yesterday warning us that "[a]n integer-overflow problem is present in common code of recent ssh daemons, deattack.c, which was developed by CORE SDI to protect against cryptographic attacks on SSH protocol. This effectively allows an attacker to overwrite arbitrary portions of memory". Practically all common versions of SSH1 are affected, except OpenSSH 2.3.0. A fix is already in the works, so stay tuned for that.