According to its banner, the remote host appears to be running OpenSSH-portable version 3.6.1 or older, which is affected by a flaw that could allow an attacker to bypass the access controls set by the administrator of this server.
OpenSSH features a mechanism that can restrict the list of hosts a given user can log in from by specifying a pattern in the user key file (e.g., *.mynetwork.com would let a user connect only from the local network).
However, there is a flaw in the way OpenSSH does reverse DNS lookups. If an attacker configures a DNS server to send a numeric IP address when a reverse lookup is performed, this mechanism could be circumvented.
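To see which keys on a flagged host depend on this restriction, the following added example (not part of the plugin or of OpenSSH) inventories the from= patterns in an authorized_keys file and labels each as a host name or an address pattern. The sample file, its names and the function names are constructed for illustration.

```python
import ipaddress
import re

KEY_TYPES = ("ssh-", "ecdsa-", "sk-")           # prefixes of public key type names
FROM_RE = re.compile(r'(?:^|,)from="([^"]*)"')  # the from="pattern-list" option

# Constructed sample file; key material is truncated placeholder text.
SAMPLE = '''\
# constructed sample
from="*.mynetwork.com" ssh-rsa AAAAB3Nza... alice@laptop
from="192.0.2.0/24,10.1.2.*" ssh-rsa AAAAB3Nza... bob@desk
no-pty,from="!bad.example.org,*.example.org",command="/bin/true" ssh-ed25519 AAAAC3Nza... ci
ssh-ed25519 AAAAC3Nza... carol@home
'''

def options_field(line):
    """Return the options that precede the key type, or '' if there are none."""
    line = line.strip()
    if not line or line.startswith("#") or line.startswith(KEY_TYPES):
        return ""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"' and (i == 0 or line[i - 1] != "\\"):
            in_quotes = not in_quotes      # option values may contain spaces
        elif ch in " \t" and not in_quotes:
            return line[:i]                # first unquoted blank ends the options
    return line

def pattern_kind(pattern):
    """Classify one from= pattern as 'address' or 'hostname'."""
    p = pattern.lstrip("!")                # a leading '!' negates the pattern
    try:
        ipaddress.ip_network(p, strict=False)
        return "address"
    except ValueError:
        pass
    wildcard_ip = re.fullmatch(r"[0-9.*?]+", p) and any(c.isdigit() for c in p)
    return "address" if wildcard_ip else "hostname"

def from_restrictions(text):
    """List (line number, pattern, kind) for every from= pattern in the file."""
    found = []
    for no, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.search(options_field(line))
        if m:
            found += [(no, p, pattern_kind(p)) for p in m.group(1).split(",") if p]
    return found

if __name__ == "__main__":
    for no, pat, kind in from_restrictions(SAMPLE):
        print(f"line {no}: {pat} ({kind})")
```

Keys with no from= option are not listed, since they carry no host restriction to bypass.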