Samba < 3.0.22 Local File Permissions Credentials Disclosure
Low Nessus Network Monitor Plugin ID 3499
SynopsisThe remote host is vulnerable to a local flaw in the way that it creates log files.
DescriptionThe remote Samba server, according to its version number, may be vulnerable to a local flaw. Specifically, if debugging has been set to level 5 or higher, the local SAMBA process will log account credentials. These credentials can be read by local users and used in future attacks.
SolutionUpgrade to version 3.0.22 or higher.