if you run a multi-user freebsd with shell users, http://lists.freebsd.org/pipermail/freebsd-security/2009-December/005369.html describes a 0day and a patch randy