Forum OpenACS Q&A: Response to OpenSSH vulnerability (URGENT)

Never trust anybody that says they can't be compromised for whatever reason.

You can't blame this one on OpenBSD though according to some of the Slashdot buzz. It is said that OpenBSD downloads are provided via a box running SunOS. (Unless the blackhats broke in via an OpenSSH vulnerability, then we blame the whole thing on the OpenSSH folks.)