CVE-2006-1059
First published: Thu Mar 30 2006(Updated: )
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Samba | =3.0.21a | |
| Samba Samba | =3.0.21b | |
| Samba Samba | =3.0.21 | |
| Samba Samba | =3.0.21c |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://us1.samba.org/samba/security/CAN-2006-1059.html
- http://secunia.com/advisories/19455
- http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
- http://www.securityfocus.com/bid/17314
- http://www.osvdb.org/24263
- http://securitytracker.com/id?1015850
- http://secunia.com/advisories/19468
- http://www.trustix.org/errata/2006/0018
- http://secunia.com/advisories/19539
- http://www.vupen.com/english/advisories/2006/1179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25575
- http://www.securityfocus.com/archive/1/429370/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/references
- agent/description
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samba
- canonical/samba samba
- version/samba samba/3.0.21a
- version/samba samba/3.0.21b
- version/samba samba/3.0.21
- version/samba samba/3.0.21c