SecurityFocus reports that a weakness has been discovered in the entropy pool implemented by the /dev/random device on various Unix-derived operating systems. "The problem occurs when the pool has been emtpied, and the entropy mechanism begins to the seed the pool with a source of pseudo-random data."
It has been discovered that due to keystrokes from the console being a source of seeding the entropy pool, it may be possible for an attacker to deduce a user's keystrokes.
A list of vulnerable systems can be found at http://www.securityfocus.com/bid/8425/info/