16 years of CVE-2008-0166 - Debian OpenSSL Bug ( 16years.secvuln.info )
Today, 16 years ago, Debian published a security advisory announcing CVE-2008-0166, a severe bug in their OpenSSL package that effectively broke the random number generator and limited the key space to a few ten thousand keys. The vulnerability affected Debian+Ubuntu between 2006 and 2008. In 2007, an email signature system...
![](https://mbin.grits.dev/media/cache/resolve/entry_thumb/37/b2/37b2dddf0786856cb8e271beb2fafe530c1efa2172b5ec7dce7ae9b0d6a883f3.png)