SSH Vulnerability in Ubuntu Linux Found in Various Versions
CVE-2008-2285

Currently unrated

Key Information:

Vendor: Ubuntu
Status: Linux
Vendor: CVE Published:; 18 May 2008

What is CVE-2008-2285?

The ssh-vulnkey tool on specific versions of Ubuntu Linux fails to properly handle authorized_keys lines that include option parameters. This oversight allows attackers to bypass security measures and exploit associated vulnerabilities, significantly improving their chances of guessing keys that are technically not recognized by the vulnerability assessment tool.

References

http://www.ubuntu.com/usn/usn-612-5

vendor-advisoryx_refsource_UBUNTU

https://exchange.xforce.ibmcloud.com/vulnerabilities/42568

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 18, 2008
Vulnerability Reserved
May 18, 2008