
16 years of CVE-2008-0166 – Debian OpenSSL Bug


In 2024, many DKIM setups were still using cryptographic keys vulnerable to the 2008 Debian OpenSSL bug (CVE-2008-0166).

DKIM is a mechanism that allows sending mail servers to sign emails with a cryptographic key published via a DNS TXT record. By scanning DKIM keys with my tool badkeys, I discovered a surprisingly large number of hosts vulnerable to the 2008 Debian OpenSSL bug. In some cases, I only controlled the DKIM key of a subdomain, but even then, the BIMI logo configured for the main domain is shown automatically.
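
Keys generated under CVE-2008-0166 come from a small, enumerable set, so auditing a published DKIM key reduces to a lookup. The following is an added example, not code from badkeys or from the original article: it parses a DKIM TXT value, extracts the RSA key and looks up its digest. The function names, the blocklist format (SHA-256 over the DER SubjectPublicKeyInfo) and the sample key are assumptions constructed for illustration.

```python
import base64
import hashlib

def _tlv(buf, pos, want):
    """Read the DER element tagged `want` at pos; return (value, next_pos)."""
    if buf[pos] != want:
        raise ValueError(f"unexpected DER tag 0x{buf[pos]:02x}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        k = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return buf[pos:pos + length], pos + length

def rsa_modulus(spki):
    """Return the RSA modulus n from a DER SubjectPublicKeyInfo."""
    outer, _ = _tlv(spki, 0, 0x30)
    _, p = _tlv(outer, 0, 0x30)       # AlgorithmIdentifier, skipped
    bits, _ = _tlv(outer, p, 0x03)    # BIT STRING wrapping RSAPublicKey
    key, _ = _tlv(bits, 1, 0x30)      # bits[0] is the unused-bits octet
    n, _ = _tlv(key, 0, 0x02)
    return int.from_bytes(n, "big")

def audit_dkim(txt, blocklist):
    """Look up one DKIM TXT value in a set of SHA-256(SPKI) hex digests."""
    tags = {}
    for part in txt.replace('"', "").split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip()] = value.strip()
    if tags.get("k", "rsa") != "rsa":
        return {"status": "skipped-non-rsa"}
    p = "".join(tags.get("p", "").split())  # rejoin split TXT strings
    if not p:
        return {"status": "revoked"}         # empty p= marks a revoked key
    spki = base64.b64decode(p, validate=True)
    digest = hashlib.sha256(spki).hexdigest()
    status = "known-compromised" if digest in blocklist else "not-listed"
    return {"status": status, "bits": rsa_modulus(spki).bit_length(), "sha256": digest}

# Constructed sample: a 1024-bit placeholder modulus (not a real key) in a record
# split across two TXT strings, and a constructed blocklist that contains it.
SAMPLE_MODULUS = bytes([0xC1]) + bytes(range(1, 127)) + b"\x01"
SAMPLE_SPKI = (bytes.fromhex("30819f300d06092a864886f70d010101050003818d0030818902818100")
               + SAMPLE_MODULUS + bytes.fromhex("0203010001"))
B64 = base64.b64encode(SAMPLE_SPKI).decode()
SAMPLE_TXT = f'"v=DKIM1; k=rsa; p={B64[:100]}" "{B64[100:]}"'
SAMPLE_BLOCKLIST = {hashlib.sha256(SAMPLE_SPKI).hexdigest()}
print(audit_dkim(SAMPLE_TXT, SAMPLE_BLOCKLIST)["status"])
```
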
