pre-auth buffer overflow in ipmi devices
Looks like a dutch datacenter providing virtual private servers (VPS) got owned. The community-driven Soleus Hosts has exported their iSCSI targets world-writeable, unless some bored dutch guy demonstrated the seriousness of this incident by replacing all the ssh-keys on the compromised boxes. (via bugblue)
an review of Windows Vista's network services (be careful, publisher is Symantec:-)