Unrated severityNVD Advisory· Published Mar 30, 2006· Updated Apr 16, 2026
CVE-2006-1059
CVE-2006-1059
Description
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Affected products
6cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
< 6.13-1.3+ 1 more
- (no CPE)range: < 6.13-1.3
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- secunia.com/advisories/19455nvdPatchVendor Advisory
- us1.samba.org/samba/security/CAN-2006-1059.htmlnvdPatch
- secunia.com/advisories/19468nvd
- secunia.com/advisories/19539nvd
- securitytracker.com/idnvd
- www.osvdb.org/24263nvd
- www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.htmlnvd
- www.securityfocus.com/archive/1/429370/100/0/threadednvd
- www.securityfocus.com/bid/17314nvd
- www.trustix.org/errata/2006/0018nvd
- www.vupen.com/english/advisories/2006/1179nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25575nvd
News mentions
0No linked articles in our index yet.