“Some versions of sshd are vulnerable to a buffer overflow that
can allow an intruder to influence certain variables internal to
the program. This vulnerability alone does not allow an intruder to
execute code.”
“However, a vulnerability in RSAREF2, which was discovered
and researched by Core SDI, can be used in conjunction with the
vulnerability in sshd to allow a remote intruder to execute
arbitrary code….”
“Also, only versions of SSH compiled with RSAREF support, via
the --with-rsaref option, are vulnerable to these issues.”