OpenSSH < 3.6.2 Reverse DNS Lookup Bypass

According to its banner, the remote host appears to be running OpenSSH-portable version 3.6.1 or older and is affected by a flaw in such version that could allow an attacker to bypass the access controls set by the administrator of this server.

OpenSSH features a mechanism that can restrict the list of hosts a given user can log from by specifying a pattern in the user key file (ie: *.mynetwork.com would let a user connect only from the local network).

However there is a flaw in the way OpenSSH does reverse DNS lookups. If an attacker configures a DNS server to send a numeric IP address when a reverse lookup is performed, this mechanism could be circumvented.