OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
https://exchange.xforce.ibmcloud.com/vulnerabilities/6757
http://www.securityfocus.com/bid/2917