There's a new exploit circulating that affects the linux kernel. The upshot is that it will give a remote attacker a rootshell even if the box in question doesn't have a single open port. This affects all linux boxes running the 2.4.10 or higher kernel. The exploit code is here: