CVE-2016-9963
5.9MEDIUMExim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
Published: 2/1/2017Updated: 4/20/2025
Description
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
AI AnalysisPowered by AI
Affected Products
eximexim
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
16.10
debiandebian_linux
8.0
References
- http://www.debian.org/security/2016/dsa-3747Third Party Advisory
- http://www.exim.org/static/doc/CVE-2016-9963.txtMitigationVendor Advisory
- http://www.securityfocus.com/bid/94947Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037484Third Party AdvisoryVDB Entry
- http://www.ubuntu.com/usn/USN-3164-1Third Party Advisory
- https://bugs.exim.org/show_bug.cgi?id=1996Issue TrackingMitigationVendor Advisory
- http://www.debian.org/security/2016/dsa-3747Third Party Advisory
- http://www.exim.org/static/doc/CVE-2016-9963.txtMitigationVendor Advisory
- http://www.securityfocus.com/bid/94947Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037484Third Party AdvisoryVDB Entry
- http://www.ubuntu.com/usn/USN-3164-1Third Party Advisory
- https://bugs.exim.org/show_bug.cgi?id=1996Issue TrackingMitigationVendor Advisory