'The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.'
Low security risk. Fixed in backported patch (ClearOS 6.x)
This bug allows an authenticated SSH user to cause a denial of service condition when gssapi-with-mic authentication is enabled. Since ClearOS allows only root access by default, this condition is low risk where present. Only administrators should be allowed in via SSH (ClearOS 5.x). This issue is fixed in a backported patch (ClearOS 6.x).
To validate that you are running openssh-5.3p1-81.el6 or later, run the following:
rpm -qi openssh
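A scripted form of this check, as an added example that is not part of the original advisory: it compares an installed version-release string against 5.3p1-81.el6 and reports whether GSSAPIAuthentication is switched on in sshd_config text. The function names and the sample config are constructed for illustration, and GNU `sort -V` is assumed as a stand-in for rpm's own version comparison.

```shell
#!/bin/sh
# Added example: function names are hypothetical, sample data is constructed.

FIXED_EVR="5.3p1-81.el6"   # first fixed build named in the advisory (ClearOS 6.x)

# evr_at_least INSTALLED FIXED -> exit 0 when INSTALLED >= FIXED.
# Assumption: GNU sort -V approximates rpm's version ordering for these strings.
evr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# gssapi_enabled CONFIG_TEXT -> exit 0 when the first GSSAPIAuthentication
# directive says "yes". sshd keywords are case-insensitive and the first
# value read wins; commented-out lines are skipped because "$1" then starts
# with '#'. Match blocks are not evaluated here. An absent directive is
# treated as "no" (the upstream default; a vendor build may differ).
gssapi_enabled() {
    value=$(printf '%s\n' "$1" |
        awk 'tolower($1) == "gssapiauthentication" { print tolower($2); exit }')
    [ "$value" = "yes" ]
}

# assess EVR CONFIG_TEXT -> prints one of: patched, exposed, unpatched-gssapi-off
assess() {
    if evr_at_least "$1" "$FIXED_EVR"; then
        echo patched
    elif gssapi_enabled "$2"; then
        echo exposed
    else
        echo unpatched-gssapi-off
    fi
}

# Constructed sample: an sshd_config fragment with GSSAPI authentication on.
SAMPLE_CONFIG='Protocol 2
#GSSAPIAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes'

# Live use on a host (reads the real package database and config):
#   assess "$(rpm -q --qf '%{VERSION}-%{RELEASE}' openssh)" \
#          "$(cat /etc/ssh/sshd_config)"
```

A result of `exposed` means the package is older than the fixed build and gssapi-with-mic is reachable by any account allowed in via SSH.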
If you need to update, run the following: