CVE-2006-1059

NameCVE-2006-1059
DescriptionThe winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)stretch (security), stretch2:4.5.16+dfsg-1+deb9u2fixed
buster2:4.9.5+dfsg-5fixed
buster (security)2:4.9.5+dfsg-5+deb10u1fixed
bullseye2:4.11.5+dfsg-1fixed
sid2:4.12.5+dfsg-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasource(unstable)3.0.22-1
sambasourcesarge(not affected)
sambasourcewoody(not affected)

Search for package or bug name: Reporting problems