1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.3%
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
secunia.com/advisories/19455
secunia.com/advisories/19468
secunia.com/advisories/19539
securitytracker.com/id?1015850
us1.samba.org/samba/security/CAN-2006-1059.html
www.osvdb.org/24263
www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
www.securityfocus.com/archive/1/429370/100/0/threaded
www.securityfocus.com/bid/17314
www.trustix.org/errata/2006/0018
www.vupen.com/english/advisories/2006/1179
exchange.xforce.ibmcloud.com/vulnerabilities/25575