In some cases where a system must be configured so that specific users only have access to POP, FTP, or restricted shell, the addition of the SSH protocol server (sshd) may create a security hole allowing the user to make tcp connections appearing to be from root at the attacked host.
b2f8217f0471c597f8b0ac1f18a5b0315b75631438e85a978bfca358a4096d15
Forged packets can be send out from a Linux system, for example for NFS attacks or any other protocol relying on addresses for authentification, even when protected from the outside interfaces by firewalling rules. Most of the time, existing firewalling rules are bypassed. This requires at least a shell account on the system.
8d159590c7c839774eb2f8a7c4dddf0737f16a6cf7e3d10393036232f45f5469