CVE-2006-1059

NameCVE-2006-1059
DescriptionThe winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)jessie (security), jessie2:4.2.14+dfsg-0+deb8u9fixed
stretch (security), stretch2:4.5.12+dfsg-2+deb9u2fixed
buster, sid2:4.8.2+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasource(unstable)3.0.22-1low
sambasourcesarge(not affected)
sambasourcewoody(not affected)

Search for package or bug name: Reporting problems