CVE-2006-1059
| Name | CVE-2006-1059 |
| Description | The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| samba (PTS) | bullseye | 2:4.13.13+dfsg-1~deb11u6 | fixed |
| bullseye (security) | 2:4.13.13+dfsg-1~deb11u7 | fixed | |
| bookworm | 2:4.17.12+dfsg-0+deb12u3 | fixed | |
| bookworm (security) | 2:4.17.12+dfsg-0+deb12u1 | fixed | |
| trixie | 2:4.22.6+dfsg-0+deb13u1 | fixed | |
| forky, sid | 2:4.23.5+dfsg-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| samba | source | woody | (not affected) | |||
| samba | source | sarge | (not affected) | |||
| samba | source | (unstable) | 3.0.22-1 |