From the SANS diary:
"the development on automated scripts exploiting key based SSH authentication looks like a real threat to SSH servers around the world (any SSH server using public keys that were generated on a vulnerable Debian machine"...
check out the rest of the story:
http://isc.sans.org/diary.html?storyid=4421
---very important!---
