redhat has announced a new kernel has been released, which currently removes the ssh vulnerability. Currently any kernel previous to 2.4.20-31 (redhat rpm's only) allows any user to login via ssh and su to root, thusly creating a vulnerability in the kernel itself. Beginning with 2.4.20-31, a security feature called apf has been added into the modules which disallows root logins and su, as well as sudo. It's strongly advised that all users upgrade to 2.4.20-31 as soon as possible. It's also rumored that beginning with 2.4.20-32, redhat will disallow any and all ssh access to the server through the kernel itself.
