Am sure you've already heard of today's announcement of the flaw in OpenSSH detailed at http://www.openssh.com/txt/buffer.adv but I felt this affects enough people to justify a posting to this list. Exploits are in the wild already so upgrade to OpenSSH 3.7 (see your vendor or openssh.com) or apply the patch provided at OpenSSH.com Regards, James