Unrated severityNVD Advisory· Published Mar 30, 2006· Updated Jun 16, 2026
CVE-2006-1059
CVE-2006-1059
Description
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Affected products
7cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
- (no CPE)range: 3.0.21 to 3.0.21c
- osv-coords2 versionspkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
< 6.13-1.3+ 1 more
- (no CPE)range: < 6.13-1.3
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
Patches
Vulnerability mechanics
References
12- secunia.com/advisories/19455nvdPatchVendor Advisory
- us1.samba.org/samba/security/CAN-2006-1059.htmlnvdPatch
- secunia.com/advisories/19468nvd
- secunia.com/advisories/19539nvd
- securitytracker.com/idnvd
- www.osvdb.org/24263nvd
- www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.htmlnvd
- www.securityfocus.com/archive/1/429370/100/0/threadednvd
- www.securityfocus.com/bid/17314nvd
- www.trustix.org/errata/2006/0018nvd
- www.vupen.com/english/advisories/2006/1179nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25575nvd
News mentions
0No linked articles in our index yet.