CVE-2008-2285

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2008-2285

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-2285.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2008-2285

Downstream

DEBIAN-CVE-2008-2285

DSA-1576-1

Published

2008-05-18T14:20:00Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.

References

http://www.ubuntu.com/usn/usn-612-5
https://exchange.xforce.ibmcloud.com/vulnerabilities/42568

CVE-2008-2285

Affected packages