CVE-2006-1059

N/A Unknown

Published: March 30, 2006 Modified: April 16, 2026

Description

The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/19455

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/19468

Source: secalert@redhat.com

http://secunia.com/advisories/19539

Source: secalert@redhat.com

http://securitytracker.com/id?1015850

Source: secalert@redhat.com

http://us1.samba.org/samba/security/CAN-2006-1059.html

Source: secalert@redhat.com

Patch

http://www.osvdb.org/24263

Source: secalert@redhat.com

http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/429370/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/17314

Source: secalert@redhat.com

http://www.trustix.org/errata/2006/0018

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2006/1179

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/25575

Source: secalert@redhat.com

http://secunia.com/advisories/19455