Description
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.
Affected products
- Ubuntu / Linux7.04 – 7.04
- Ubuntu / Linux7.10 – 7.10
- Ubuntu / Linux8.04 – 8.04