Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Samba 3.0.21 <= 3.0.21c Vulnerability (CVE-2006-1059)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Exposure of machine account credentials in winbind log files.
Insight
Insight
The machine trust account password is the secret shared between a domain controller and a specific member server. Access to the member server machine credentials allows an attacker to impersonate the server in the domain and gain access to additional information regarding domain users and groups. The winbindd daemon included in Samba 3.0.21 and subsequent patch releases (3.0.21a-c) writes the clear text of server's machine credentials to its log file at level 5. The winbindd log files are world readable by default and often log files are requested on open mailing lists as tools used to debug server misconfigurations. This affects servers configured to use domain or ads security and possibly Samba domain controllers as well (if configured to use winbindd).
Affected Software
Affected Software
Samba versions 3.0.21 through 3.0.21c.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 3.0.22 or later.