FreeBSD Security Advisory (FreeBSD-SA-11:09.pam_ssh.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:09.pam_ssh.asc
Upgrade your system to the appropriate stable release or security branch dated after the correction date
The PAM (Pluggable Authentication Modules) library provides a flexible framework for user authentication and session setup / teardown. It is used not only in the base system, but also by a large number of third-party applications. Various authentication methods (UNIX, LDAP, Kerberos etc.) are implemented in modules which are loaded and executed according to predefined, named policies. These policies are defined in /etc/pam.conf, /etc/pam.d/<policy name>, /usr/local/etc/pam.conf or /usr/local/etc/pam.d/<policy name>. The base system includes a module named pam_ssh which, if enabled, allows users to authenticate themselves by typing in the passphrase of one of the SSH private keys which are stored in encrypted form in the their .ssh directory. Authentication is considered successful if at least one of these keys could be decrypted using the provided passphrase. By default, the pam_ssh module rejects SSH private keys with no passphrase. A nullok option exists to allow these keys. The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pam_ssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate themselves by providing a dummy passphrase.