http://razor.bindview.com/publish/advisories/adv_ssh1crc.html

In Debian fashion, the OpenSSH package in Potato has allready been fixed.
OpenSSH prior to 2.3.0 is vulnerable. 

If you don't have the security sources in /etc/apt/sources.list:
deb http://security.debian.org/ stable/updates main contrib non-free
deb-src http://security.debian.org/ stable/updates main contrib non-free

--
Andy Zbikowski, Sys Admin   | (WEB) http://www.ltiflex.com
LTI Flexible Products, Inc. | (PH)  763-428-9119 (EX) 132
21801 Industrial Blvd       | (FX)  763-428-9126
Rogers, MN  55374           | (PCS) 612-306-6055
-------------- next part --------------
A non-text attachment was scrubbed...
Name: andyzb.vcf
Type: text/x-vcard
Size: 367 bytes
Desc: Card for Andy Zbikowski
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010209/e0ba80e4/andyzb.vcf