The version of OpenSSH running on the remote host is prior to version 5.9. Such versions are affected by multiple denial of service vulnerabilities:
- A denial of service vulnerability exists in the gss-serv.c ‘ssh_gssapi_parse_ename’ function. A remote attacker may be able to trigger this vulnerability if gssapi-with-mic is enabled to create a denial of service condition via a large value in a certain length field. (CVE-2011-5000)
- On FreeBSD, NetBSD, OpenBSD, and other products, a remote, authenticated attacker could exploit the remote_glob() and process_put() functions to cause a denial of service (CPU and memory consumption). (CVE-2010-4755)