CVE-2006-1059

NameCVE-2006-1059
DescriptionThe winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)buster, buster (security)2:4.9.5+dfsg-5+deb10u3fixed
bullseye (security), bullseye2:4.13.13+dfsg-1~deb11u5fixed
bookworm, sid2:4.17.3+dfsg-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasourcewoody(not affected)
sambasourcesarge(not affected)
sambasource(unstable)3.0.22-1

Search for package or bug name: Reporting problems