The installed version of OpenSSH is prior to 4.2 and is affected by the following vulnerabilities:
- X11 forwarding may be enabled unintentionally when multiple forwarding requests are made on the same session, or when an X11 listener is orphaned after a session goes away. (CVE-2005-2797)
- GSSAPI credentials may be delegated to users who log in using something other than GSSAPI authentication if ‘GSSAPIDelegateCredentials’ is enabled. (CVE-2005-2798)