There are currently rumors of an OpenSSH 4.3 0day flaw being exploited in the wild. http://www.webhostingtalk.com/showthread.php?t=873301 http://secer.org/hacktools/0day-openssh-remote-exploit.html http://twitter.com/#search?q=openssh http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0028.html http://isc.sans.org/diary.html?storyid=6742 http://lwn.net/Articles/340360/
The Red Hat Security Response team is aware of the unconfirmed rumour regarding a OpenSSH vulnerability. We are continuing to monitor the situation for more information and to establish any real facts surrounding this issue. Should it be found that there is an unfixed critical vulnerability of this type we will of course act immediately to address it.
OpenSSH upstream author Damien Miller has a good commentary regarding this issue: http://marc.info/?l=openssh-unix-dev&m=124705272824524&w=2
*** Bug 510199 has been marked as a duplicate of this bug. ***
Some more links: SANS have classified this issue as a hoax: http://isc.sans.org/diary.html?storyid=6760 Commentary from OpenSSH developer Damien Miller http://www.itwire.com/content/view/26175/1090/
And more followup coverage: "OpenSSH zero day exploit rumours not confirmed", http://www.heise.de/english/newsticker/news/141817 "OpenSSH update" (repost of Damien Miller's comments), http://lwn.net/Articles/340483/
WARNING: Besides the rumour, there is a fake 0pen0wn.c exploit being circulated around. Do not run it! Thierry wrote an interesting blog post about it at: http://blog.zoller.lu/2009/07/0pen0wnc-shellcode-dissasembled.html It is a good practice not to run any exploit until you understand what the shellcode/payload does :)