The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
secunia.com/advisories/19455
secunia.com/advisories/19468
secunia.com/advisories/19539
securitytracker.com/id?1015850
us1.samba.org/samba/security/CAN-2006-1059.html
www.osvdb.org/24263
www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
www.securityfocus.com/archive/1/429370/100/0/threaded
www.securityfocus.com/bid/17314
www.trustix.org/errata/2006/0018
www.vupen.com/english/advisories/2006/1179
exchange.xforce.ibmcloud.com/vulnerabilities/25575