CERT Advisory CA-2002-18 - Openssh v2.3.1p1 to 3.3 contains two related vulnerabilities. A vulnerability in the PAM modules that use interactive keyboard authentication (PAMAuthenticationViaKbdInt) can allow remote execution of code. In addition, challenge response configuration option is set to yes and the system is using SKEY or BSD_AUTH, an intruder can execute code remotely.
f0bdb9401d2ec34c70d96390ea04769cd584fdb46475bc7f213309afd69dc263