Unfortunately, a lot of security scanners simply do a dumb scan for a version string they think is vulnerable. In RHEL (CentOS), a lot of security fixes will get backported to an older version, though the version string will look the same to the scanner. Looking more closely at the reported errors:
@Clayman wrote:
Specifically "OpenSSH X11 Cookie Local Authentication Bypass Vulnerability".
Also, there was a vulnerability in OpenSSH X11UseLocalhost configuration.
The former seems to correspond to CVE-2007-4752 and the latter to CVE-2008-3259.
According to Redhat, the second is a non-issue: "This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5."
As for the first, there was an erratum (RHSA-2008:0855-6) to fix the problem on an earlier update (openssh-4.3p2-41.el5_2.1 is not it; the fix landed in openssh-4.3p2-26.el5_2.1) than what is currently running on your server (openssh-4.3p2-41.el5). Looking at the changelog for the rpm on an AMP here:
# rpm -q openssh --changelog | grep -C 1 CVE-2007-4752
* Fri Aug 15 2008 Dennis Gregorovic <dgregor@redhat.com> - 4.3p2-26.el5_2.1
- CVE-2007-4752 - Prevent ssh(1) from using a trusted X11 cookie if creation of an
untrusted cookie fails (#280361)
Just to confirm that my AMP matches yours:
# rpm -qa | grep openssh
openssh-server-4.3p2-41.el5.x86_64
openssh-clients-4.3p2-41.el5.x86_64
openssh-4.3p2-41.el5.x86_64
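The check done by hand above (grep the installed package's changelog for the CVE, then confirm the installed release is at or past the one credited with the fix) as an added, self-contained example; this is not code from the post. The changelog text is a constructed sample modelled on the quoted entry, the maintainer names other than the quoted one are placeholders, and the version comparison is a simplified rpmvercmp (no `~`/`^` handling).

```python
import re

# Constructed sample of `rpm -q openssh --changelog` output (not captured from
# a real host); the CVE-2007-4752 entry mirrors the one quoted in the post.
SAMPLE_CHANGELOG = """\
* Thu Jan 15 2009 Example Maintainer <maint@example.com> - 4.3p2-41.el5
- example later change with no CVE reference
* Fri Aug 15 2008 Dennis Gregorovic <dgregor@redhat.com> - 4.3p2-26.el5_2.1
- CVE-2007-4752 - Prevent ssh(1) from using a trusted X11 cookie if creation of an
untrusted cookie fails (#280361)
* Tue Mar 04 2008 Example Maintainer <maint@example.com> - 4.3p2-16.el5
- example earlier change
"""

# Entry header: "* <date> <author> - <version>-<release>"
HEADER_RE = re.compile(r"^\* .* - (\S+)\s*$")

def _segments(s):
    # rpm compares runs of digits and runs of letters as separate segments
    return re.findall(r"[0-9]+|[a-zA-Z]+", s)

def rpmvercmp(a, b):
    """Simplified rpm version comparison: returns -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment beats an alpha one
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # more segments wins

def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def fixing_versions(changelog, cve):
    """Return the version-release of every changelog entry that mentions cve."""
    found, current = [], None
    for line in changelog.splitlines():
        m = HEADER_RE.match(line)
        if m:
            current = m.group(1)
        elif cve in line and current and current not in found:
            found.append(current)
    return found

def backport_present(installed, changelog, cve):
    """True if the changelog credits a fix for cve in a release no newer than installed."""
    return any(evr_cmp(installed, v) >= 0 for v in fixing_versions(changelog, cve))
```

A scanner that only matches "4.3p2" against upstream advisories sees none of this; feeding it `rpm -q openssh --changelog` output instead is what distinguishes a backported fix from a missing one.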