CVE-2006-1059
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2006-1059
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-1059.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2006-1059
- Related
- Published
- 2006-03-30T17:06:00Z
- Modified
- 2024-09-18T01:00:22Z
- Summary
- [none]
- Details
-
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
- References
-
- http://secunia.com/advisories/19455
- http://secunia.com/advisories/19468
- http://secunia.com/advisories/19539
- http://www.vupen.com/english/advisories/2006/1179
- http://us1.samba.org/samba/security/CAN-2006-1059.html
- http://securitytracker.com/id?1015850
- http://www.osvdb.org/24263
- http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
- http://www.securityfocus.com/archive/1/429370/100/0/threaded
- http://www.securityfocus.com/bid/17314
- http://www.trustix.org/errata/2006/0018
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25575
- https://security-tracker.debian.org/tracker/CVE-2006-1059
Affected packages
Debian:11 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Debian:12 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Debian:13 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source