OpenSSH versions 2.0 through 3.0.2 has a local root vulnerability. All OpenSSH users should get a patch from their vendor or www.ssh.org. http://www.pine.nl/advisories/pine-cert-20020301.html