CVE-2006-1059
Samba 3.0.21-3.0.21c - Cleartext Password Exposure in Winbindd Log Files
Title source: llmDescription
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
References (12)
Core 12
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19468
Vendor Advisory vendor-advisory
x_refsource_fedora
http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/24263
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17314
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2006/0018
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19455
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19539
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1179
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015850
Patch x_refsource_confirm
http://us1.samba.org/samba/security/CAN-2006-1059.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/429370/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25575
Scores
EPSS
0.0046
EPSS Percentile
64.1%
Details
Status
published
Products (4)
samba/samba
3.0.21
samba/samba
3.0.21a
samba/samba
3.0.21b
samba/samba
3.0.21c
Published
Mar 30, 2006
Tracked Since
Feb 18, 2026