CVE-2008-2285

EPSS 0.36%

Published: 5/18/2008Modified: 4/28/2026

Description

The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.

Affected packages (1)

Debian/opensshfrom 0, < 1:4.7p1-10

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2285