DEBIAN-CVE-2008-2285

DEBIAN-CVE-2008-2285 PUBLISHED

The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.

Affected Products

Vendor	Product	Versions
Debian:12	openssh	0, 0, 0
Debian:13	openssh	0, 0, 0
Debian:11	openssh	0, 0, 0
Debian:14	openssh	0, 0, 0

Timeline

May 18, 2008 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2008-2285 advisory

Open in Interactive Console →