Samba winbindd Debug Log Server Credentials Local Disclosure

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.

Synopsis :

The remote Samba server is vulnerable to a local information
disclosure flaw.

Description :

According to its version number, the remote Samba server is affected
by a flaw that may allow a local attacker to get access to the
passwords sent to the winbindd daemon if the debug level has been set
to 5 or higher.

See also :

Solution :

Upgrade to Samba 3.0.22 or set the debug level to a value lower than

Risk factor :

Low / CVSS Base Score : 1.2
CVSS Temporal Score : 1.0
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 24684 ()

Bugtraq ID: 17314

CVE ID: CVE-2006-1059

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now