Hi,

Various openssh 6.2p1 users including our administrators
stumbled over this nice bug in the "nanossh server" during pre authentication
phase within nanossh ( https://www.mocana.com/for-device-manufacturers/nanossh/ )

Bug at openssh bugzilla:
  https://bugzilla.mindrot.org/show_bug.cgi?id=2116
  http://www.gossamer-threads.com/lists/openssh/bugs/55880  

Basically if the HMAC list is unexpected long (>1) the remote nanossh
daemon will crash. Unclear if code execution, but well, I would not bet against it.

Also unclear if more than the listed Nortel switches are affected, or all
nanossh deployers, but probably yes.

Ciao, Marcus