Lucene search

[email protected]NVD:CVE-2006-1059

HistoryMar 30, 2006 - 5:06 p.m.

CVE-2006-1059

2006-03-3017:06:00

[email protected]

web.nvd.nist.gov

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.3%

JSON

The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.

Affected configurations

NVD

Node

sambasambaMatch3.0.21

sambasambaMatch3.0.21a

sambasambaMatch3.0.21b

sambasambaMatch3.0.21c

References

secunia.com/advisories/19455

secunia.com/advisories/19468

secunia.com/advisories/19539

securitytracker.com/id?1015850

us1.samba.org/samba/security/CAN-2006-1059.html

www.osvdb.org/24263

www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html

www.securityfocus.com/archive/1/429370/100/0/threaded

www.securityfocus.com/bid/17314

www.trustix.org/errata/2006/0018

www.vupen.com/english/advisories/2006/1179

exchange.xforce.ibmcloud.com/vulnerabilities/25575

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.3%

JSON

Related for NVD:CVE-2006-1059

debiancve1 securityvulns2 cve1 nessus3 freebsd1 ubuntucve1 samba1 cvelist1 openvas3 prion1