What are the most strange/sophisticated/surprising/deeply hidden software vulnerabilities or exploits you have ever seen? Places in code where you thought that there is no danger hidden, but were wrong?
[To clarify: Everybody knows SQL injections, XSS or buffer overflows – bugs which often result from careless coding. But things like Ken Thompson hidden trojan (Reflections on Trusting Trust: http://cm.bell-labs.com/who/ken/trust.html), recent NULL dereference vulnerability in Linux kernel (http://isc.sans.org/diary.html?storyid=6820), or a complex attack on RNG using denial of service (http://news.ycombinator.com/item?id=639976) have disturbed me greatly.]
Update: Thanks all for answers, they were great. I had hard choice. Ultimately I decided to award the bounty to side channel/power monitoring attack. Nevertheless, all your answers combined show that I have to learn more about security, since it’s a really deep subject :).
My favorite and most impressive I’ve seen so far are a class of cryptography techniques know as Side Channel Attacks.
One type of a side channel attack uses power monitoring. Encryption keys have been recovered from smart card devices by carefully analyzing how much power is drawn from the power supply. The processors embedded within them use different amounts of power to process different sets of instructions. Using this tiny bit of information, it’s possible to recover protected data, completely passively.