Samba Machine Trust Account Local Information Disclosure Vulnerability
BID:17314
Info
Samba Machine Trust Account Local Information Disclosure Vulnerability
| Bugtraq ID: | 17314 |
| Class: | Design Error |
| CVE: |
CVE-2006-1059 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 30 2006 12:00AM |
| Updated: | Dec 07 2006 08:39PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Secure Enterprise Linux 2.0 Samba Samba 3.0.21 Samba Samba 3.0.21c Samba Samba 3.0.21b Samba Samba 3.0.21a Redhat Fedora Core5 |
| Not Vulnerable: |
Samba Samba 3.0.22 |
Discussion
Samba Machine Trust Account Local Information Disclosure Vulnerability
Samba is susceptible to a local information-disclosure vulnerability. This issue is due to a design error that potentially leads to sensitive information being written to log files. This occurs when the debugging level has been set to 5 or higher.
This issue allows local attackers to gain access to the machine trust account of affected computers. Attackers may then impersonate the affected server in the domain. By impersonating the member server, attackers may gain access to further sensitive information, including the users and groups in the domain; other information may also be available. This may aid attackers in further attacks.
Samba versions 3.0.21 through to 3.0.21c that use the 'winbindd' daemon are susceptible to this issue.
Samba is susceptible to a local information-disclosure vulnerability. This issue is due to a design error that potentially leads to sensitive information being written to log files. This occurs when the debugging level has been set to 5 or higher.
This issue allows local attackers to gain access to the machine trust account of affected computers. Attackers may then impersonate the affected server in the domain. By impersonating the member server, attackers may gain access to further sensitive information, including the users and groups in the domain; other information may also be available. This may aid attackers in further attacks.
Samba versions 3.0.21 through to 3.0.21c that use the 'winbindd' daemon are susceptible to this issue.
Exploit / POC
Samba Machine Trust Account Local Information Disclosure Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Samba Machine Trust Account Local Information Disclosure Vulnerability
Solution:
The vendor has released an advisory along with version 3.0.22 of Samba to address this issue. Patches are also available for previous releases.
Please see the referenced vendor advisories for details on obtaining and applying fixes.
Samba Samba 3.0.21c
Samba Samba 3.0.21b
Samba Samba 3.0.21a
Samba Samba 3.0.21
Solution:
The vendor has released an advisory along with version 3.0.22 of Samba to address this issue. Patches are also available for previous releases.
Please see the referenced vendor advisories for details on obtaining and applying fixes.
Samba Samba 3.0.21c
-
Samba samba-3.0.21-CAN-2006-1059.patch
http://www.samba.org/samba/ftp/patches/security/samba-3.0.21-CAN-2006- 1059.patch -
Samba samba-3.0.22.tar.gz
http://us2.samba.org/samba/ftp/samba-3.0.22.tar.gz
Samba Samba 3.0.21b
-
Samba samba-3.0.21-CAN-2006-1059.patch
http://www.samba.org/samba/ftp/patches/security/samba-3.0.21-CAN-2006- 1059.patch -
Samba samba-3.0.22.tar.gz
http://us2.samba.org/samba/ftp/samba-3.0.22.tar.gz
Samba Samba 3.0.21a
-
Samba samba-3.0.21-CAN-2006-1059.patch
http://www.samba.org/samba/ftp/patches/security/samba-3.0.21-CAN-2006- 1059.patch -
Samba samba-3.0.22.tar.gz
http://us2.samba.org/samba/ftp/samba-3.0.22.tar.gz
Samba Samba 3.0.21
-
Samba samba-3.0.22.tar.gz
http://us2.samba.org/samba/ftp/samba-3.0.22.tar.gz
References
Samba Machine Trust Account Local Information Disclosure Vulnerability
References:
References: