234 matches found
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages...
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages...
CVE-2016-9963
Exim (mail transfer agent) is affected by CVE-2016-9963. Exim before 4.87.1 may leak the private DKIM signing key to log files via vectors related to log files and bounce messages. The leakage is contingent on specific configurations and log access, enabling an attacker with log access to obtain ...
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages...
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages...
Ubuntu 14.04 LTS / 16.04 LTS : Exim vulnerability (USN-3164-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3164-1 advisory. Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files...
Ubuntu: Security Advisory (USN-3164-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3164-1: Exim vulnerability
Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files...
Debian DSA-3747-1 : exim4 - security update
Bjoern Jacke discovered that Exim, Debian's default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...
FreeBSD : exim -- DKIM private key leak (e7002b26-caaa-11e6-a76a-9f7324e5534e)
The Exim project reports : Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTALDSNINFO=yes is used, the key material is included in the bounce message. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
[SECURITY] [DLA 762-1] exim4 security update
Package : exim4 Version : 4.80-7+deb7u4 CVE ID : CVE-2016-9963 Bjoern Jacke discovered that Exim, Debians default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met. For Debian 7 "Wheezy", these problems have been fixed in version...
[SECURITY] [DSA 3747-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3747-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3747-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3747-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 25, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3747-1 (exim4 - security update)
Bjoern Jacke discovered that Exim, Debian OpenVAS Vulnerability Test $Id: deb3747.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3747-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...
DSA-3747-1 exim4 - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3747-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-9963
It was found that Exim leaked DKIM signing private keys to the "mainlog" log file. As a result, an attacker with access to system log files could potentially access these leaked DKIM private keys...
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages...
exim -- DKIM private key leak
The Exim project reports: Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTALDSNINFO=yes is used, the key material is included in the bounce message...
Office 365 Vulnerability Identified Bogus Email as Valid
Details have been released on a simple Office 365 hack that incorrectly identifies spoofed emails pretending to be from the Microsoft.com domain as valid. The vulnerability being targeted was privately disclosed by Turkish security researcher Utku Sen, and was patched by Microsoft this month...