CVE-2016-9963
Published 2017-02-01
CVE-2016-9963: Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
Priority P432 · medium · 5.9 (CVSS 3.0)
AV:N / AC:H / PR:N / UI:N / S:U / C:H / I:N / A:N
EPSS
3.10%
86.1th percentile
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | exim4 | < exim4 4.88~RC6-2 (bookworm) | exim4 4.88~RC6-2 (bookworm) |
| exim | exim | <= 4.87 | — |
CVSS provenance
nvd v3.0 · 5.9 MEDIUM · CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd v2.0 · 2.6 LOW · AV:N/AC:H/Au:N/C:P/I:N/A:N
osv · 5.9 MEDIUM
vendor_debian · 5.9 MEDIUM
vendor_redhat · 5.9 MEDIUM
Ubuntu
Exim vulnerability
vendor_ubuntu·2017-01-05
Summary: Exim could be made to expose private DKIM signing keys.
Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain
configurations, private DKIM signing keys could be leaked to the log files.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
exim: Possible information disclosure to remote attacker
vendor_redhat·2016-12-16·CVSS 5.9
CVE-2016-9963 [MEDIUM] CWE-200 exim: Possible information disclosure to remote attacker
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
It was found that Exim leaked DKIM signing private keys to the "mainlog" log file. As a result, an attacker with access to system log files could potentially access these leaked DKIM private keys.
Statement: This flaw does not affect the version of Exim shipped with Red Hat Enterprise Linux 5 because it is not built with DKIM (DomainKeys Identified Mail) support.
Package: exim (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2016-9963: exim4 - Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signi...
vendor_debian·2016·CVSS 5.9
CVE-2016-9963 [MEDIUM] CVE-2016-9963: exim4 - Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signi...
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
Scope: local
bookworm: resolved (fixed in 4.88~RC6-2)
bullseye: resolved (fixed in 4.88~RC6-2)
forky: resolved (fixed in 4.88~RC6-2)
sid: resolved (fixed in 4.88~RC6-2)
trixie: resolved (fixed in 4.88~RC6-2)
GHSA
GHSA-qf64-f8r5-29m4: Exim before 4
ghsa_unreviewed·2022-05-17
CVE-2016-9963 [MEDIUM] GHSA-qf64-f8r5-29m4: Exim before 4
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
OSV
CVE-2016-9963: Exim before 4
osv·2017-02-01·CVSS 5.9
CVE-2016-9963 [MEDIUM] CVE-2016-9963: Exim before 4
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
No detection rules found.
No public exploits indexed.
arXiv
On the Effectiveness of Type-based Control Flow Integrity
arxiv_fulltext·2020-02-14
2018 Annual Computer Security Applications Conference (ACSAC '18), December 3-7, 2018, San Juan, PR, USA
DOI: 10.1145/3274694.3274739
ISBN: 978-1-4503-6569-7/18/12
Authors:
Reza Mirzazade farkhani (Northeastern University)
Saman Jafari (Northeastern University)
Sajjad Arshad (Northeastern University)
William Robertson (Northeastern University)
Engin Kirda (Northeastern University)
Hamed Okhravi (MIT Lincoln Laboratory)
## Abstract
Control flow integrity (CFI) has received significant attention in the community
Bugzilla
CVE-2016-9963 exim: Possible information disclosure to remote attacker
bugzilla·2016-12-16·CVSS 5.9
Under certain circumstances it's possible for a remote attacker to leak private information.
Affected versions: 4.69 -> 4.87
Upstream bug:
https://bugs.exim.org/show_bug.cgi?id=1996
CVE assignment:
http://seclists.org/oss-sec/2016/q4/694
Discussion:
Created exim tracking bugs for this issue:
Affects: fedora-all [bug 1405323]
Affects: epel-all [bug 1405324]
---
External Reference:
https://exim.org/static/doc/CVE-2016-9963.txt
---
Statement:
This flaw does not affect the version of Exim shipped with Red Hat Enterprise Linux 5 because it is not built with DKIM (DomainKeys Identified Mail) support.
Bugzilla
CVE-2016-9963 exim: Possible information disclosure to remote attacker [fedora-all]
bugzilla·2016-12-16·CVSS 5.9
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported version
Bugzilla
CVE-2016-9963 exim: Possible information disclosure to remote attacker [epel-all]
bugzilla·2016-12-16·CVSS 5.9
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported vers
References:
http://www.debian.org/security/2016/dsa-3747
http://www.exim.org/static/doc/CVE-2016-9963.txt
http://www.securityfocus.com/bid/94947
http://www.securitytracker.com/id/1037484
http://www.ubuntu.com/usn/USN-3164-1
https://bugs.exim.org/show_bug.cgi?id=1996
Published: 2017-02-01