Just noticed this at Binary Bonsai: Pesudo-Serious WordPress Bug. If you’re using either of the WordPress versions mentioned below you may want to make the quick change to the wp-login.php file mentioned here.
You’ll probably want to make sure that you remove these lines from your wp-login.php, as they can cause the overwriting of your site’s URI, causing all kinds of problems (as you may have noticed earlier here).
As far as I know, it’s a problem in 1.2.1 and 1.3a5. There’s some talk about it at the forums as well as on the hackers mailing list.
If your site has been affected, open your mysql database manually and go into wp_options and change the URI back. That should do it.