The remote host is using a version of Portable OpenSSH that may allow an attacker to determine if an account exists or not by a timing analysis.
Binary data 1984.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0190
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1562