FreeBSD -- OpenSSH Denial of Service vulnerability
There is no limit on the password length.
A remote attacker may be able to cause an affected SSH
server to use excessive amount of CPU by sending very long
passwords, when PasswordAuthentication is enabled by the
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright