1.2

CVE-2006-1059

The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version3.0.21
SambaSamba Version3.0.21a
SambaSamba Version3.0.21b
SambaSamba Version3.0.21c
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.46% 0.365
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.2 1.9 2.9
AV:L/AC:H/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19455
Patch
Vendor Advisory
http://secunia.com/advisories/19468
http://secunia.com/advisories/19539
http://securitytracker.com/id?1015850
http://us1.samba.org/samba/security/CAN-2006-1059.html
Patch
http://www.osvdb.org/24263
http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html
http://www.securityfocus.com/archive/1/429370/100/0/threaded
http://www.securityfocus.com/bid/17314
http://www.trustix.org/errata/2006/0018
http://www.vupen.com/english/advisories/2006/1179
https://exchange.xforce.ibmcloud.com/vulnerabilities/25575