FreeBSD : samba -- Exposure of machine account credentials in winbind log files (92fd40eb-c458-11da-9c79-00123ffe8333)
Low Nessus Plugin ID 21476
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionSamba Security Advisory :
The machine trust account password is the secret shared between a domain controller and a specific member server. Access to the member server machine credentials allows an attacker to impersonate the server in the domain and gain access to additional information regarding domain users and groups.
The winbindd daemon writes the clear text of server's machine credentials to its log file at level 5. The winbindd log files are world readable by default and often log files are requested on open mailing lists as tools used to debug server misconfigurations.
This affects servers configured to use domain or ads security and possibly Samba domain controllers as well (if configured to use winbindd).
SolutionUpdate the affected packages.