CVE-2006-1059
EPSS 0.46%
Description
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
How to fix CVE-2006-1059
To remediate CVE-2006-1059, upgrade the affected package to a fixed version below.
- Debian/samba—upgrade to 3.0.22-1 or later
Is CVE-2006-1059 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.0.22-1