|
Family: Misc. --> Category: infos
Samba Machine Trust Account Local Information Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks the version of Samba
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Samba server is vulnerable to a local information
disclosure flaw.
Description :
According to its version number, the remote Samba server is affected
by a flaw that may allows a local attacker to get access to the
passwords sent to the winbindd daemon if the debug level has been set
to 5 or higher.
See also :
http://www.securityfocus.com/archive/1/archive/1/429370/100/0/threaded
http://us1.samba.org/samba/security/CVE-2006-1059.html
Solution :
Upgrade to Samba 3.0.22 or set the debug level to a value lower
than 5.
Threat Level:
Low / CVSS Base Score : 1
(AV:L/AC:H/Au:NR/C:P/I:N/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|