CVE-2006-1059

NameCVE-2006-1059
DescriptionThe winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)bullseye (security), bullseye2:4.13.13+dfsg-1~deb11u6fixed
bookworm, bookworm (security)2:4.17.12+dfsg-0+deb12u1fixed
sid, trixie2:4.20.2+dfsg-7fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasourcewoody(not affected)
sambasourcesarge(not affected)
sambasource(unstable)3.0.22-1

Search for package or bug name: Reporting problems