Upstream information
Description
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
National Vulnerability Database | |
---|---|
Base Score | 1.2 |
Vector | AV:L/AC:H/Au:N/C:P/I:N/A:N |
Access Vector | Local |
Access Complexity | High |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Micro 6.0 |
| Patchnames: SUSE Linux Enterprise Micro 6.0 GA cifs-utils-7.0-2.9 SUSE Linux Enterprise Micro 6.0 GA samba-client-libs-4.19.4+git.339.acf1ccaa02-1.22 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024:10683 openSUSE-Tumbleweed-2024:11365 |
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 01:50:40 2013CVE page last modified: Sat Jun 15 17:35:34 2024