A critical security flaw in SSH has been revealed that threatens servers worldwide.

SSH is a widely used encrypted remote management shell for Unix, Linux and BSD platforms. Experts say attackers have been exploiting the vulnerability to gain access to systems illegally for months.

What started as quiet mumblings and rumors turned into screaming warnings yesterday as the security community slowly learned of the threat. Chief hacking officer of U.S.-based eEye Digital Security told ZDNet Australia by phone the vulnerability should be taken very seriously. "It's pretty close to a skeleton key to most networks," he said.

It's not uncommon for vulnerabilities in Unix-style systems to be exploited for months by the underground community, Maiffret said. "It's definitely happened in the past with SSH vulnerabilities ... it's definitely a recurring theme for Unix vulnerabilities."

Read More At (http://zdnet.com.com/2100-1105_2-507...ag=zdnnfd.main)