similar to: [SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Exposed clear text of domain machine == account password in debug logs (log == level >= 5) == CVE ID#: CAN_2006-1059 == == Versions: Samba Samba 3.0.21 - 3.0.21c (inclusive) == == Summary: The winbindd daemon writes the clear text ==

I'm getting some strange entries in my logs after upgrading to samba version 3.0.21-1. Also in 3.0.21a-1. The machines connection to my samba pdc are WinXP SP2 and also a 2003 server. For example: [2006/01/03 21:57:28, 0] libsmb/credentials.c:creds_server_check(159) creds_server_check: credentials check failed. [2006/01/03 21:57:28, 0] rpc_server/srv_netlog_nt.c:_net_sam_logon(667)

R-helpers, I am hoping to find someone who uses both R and program Stata for GLMs. I am a beginner R user, finding my own way through; learning code etc. at the same time as learning the statistics I need to complete my project. What I have is the code from Stata and am trying to reproduce the same analysis in R - my program of choice. . glm count md ms rf sg, family(poisson)

Hi, I'm hoping that someone will be able to help. I would like to compare how covariates associate with the risk of a binary outcome during two periods. Period 1 will be non-exposure to a treatment and period 2 will be exposure to a treatment. The same individuals will be examined in each group but I want to be able to compare the association of certain covariates between the two groups to

I just confirmed the following bug on my firefox. http://secunia.com/advisories/14820/ Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0 (I think my firefox is a month or two behind, from ports, but the advisary indicates both 1.0.1 and 1.0.2 are effected.) FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004

We specifically do not update the disk i_size if there are ordered extents outstanding for any area between the current disk_i_size and our ordered extent so that we do not expose stale data. The problem is the check we have only checks if the ordered extent starts at or after the current disk_i_size, which doesn''t take into account an ordered extent that starts before the current

Hello, I'm working in France (Europe), and use daylight saving time (aka DST aka summertime). I upgraded my Samba server from 3.0.20b to 3.0.21c. Got complaints from a user that all his *WINTER* files modification date mysteriously shifted one hour ahead. It took me some time to find out the culprit, since we just switched from wintertime to summertime. On Unix (tested both Solaris 9 and

I recently upgraded a 3.0.14a installation (using an OpenLDAP backend) to 3.0.23c and noticed that when using the Windows User Manager group members are no longer listed when viewing a group--when 'ldapsam:trusted = yes' is set. I've since compiled and tested various versions using default options and the last time I see this member listing working was in 3.0.20b--3.0.21 and

Can anyone help with the following error I get whilst comiling samba, configured with following flags:- ./configure --prefix=/opt/samba-3.0.21c --with-ldap --with-ads --with-krb5 --with-pam --with-winbind heimal kerberos heimdal-0.7.2 openldap openldap-2.3.20 [WMSTRAIN:root]/appfs2/samba/samba-3.0.21c/source> make && make install Using FLAGS = -O -D_SAMBA_BUILD_ -I./popt

Hallo, We protect linux/apache server with mod_auth_ntlm_winbind.so to authenticate users with their domain accounts. The server is joined into windows domain (Windows 2003 Server). Apache/mod_auth_ntlm_winbind.so is configured for NTLM+SPNEGO authentication. So far users can login when providing valid credentials. Users login into their windows workstation (Windows XP SP2 IE/Firefox) with

Hi, yesterday I compiled an installed samba 3.0.21 on a solaris 8 box (gcc 3.4.2). Since then I frequently see this error message in the log. [2005/12/22 15:55:39, 0] lib/fault.c:fault_report(36) =============================================================== [2005/12/22 15:55:39, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 10 in pid 27816 (3.0.21) Please read the

Hi! Today I installed samba 3.0.21 on debian sarge. I see this error in syslog: Jan 4 18:07:27 2T-Samba smbd[8352]: [2006/01/04 18:07:27, 1] libads/ldap.c:ads_connect(292) Jan 4 18:07:27 2T-Samba smbd[8352]: Failed to get ldap server info why? I upgrade my pdc from samba 3.0.20b to 3.0.21 and in the previous version I didn't see this error. Can you help me? Thanks, Fabio

Hi, My last post about compilation problems of 3.0.21 on Solaris 2.5 and 7 has no answer,so I investigated a bit more further to try to find out the differences with 3.0.20b. Problems come from winbind_nss_solaris.c witch evolved a lot in 3.0.21. Several references are done to struct in6_addr witch are not defined on solaris 7 and older. If I'm not wrong in my diagnostic, is there a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey folks, Here's a short summary of what's in the works for 3.0.21. Right now we have people working on all of these bullets. If you want to get involved, join the samba-technical list and help out with code reviews, testing, etc... Or if you have patches and or new features that you would like to submit for inclusion in this release, the

Hi list I have samba 3.0.21 with LDAP version 2.2.13 on Redhat Enterprise Linux 4 enterprise server kernel version 2.6.9-5 . smbldap-tools version 0.9. in winbind.log i get the following errors my domain msdpl.com ################################################################# [2006/02/16 13:05:28, 0] lib/smbldap.c:smb_ldap_setup_conn(572) ldap_initialize: Time limit exceeded [2006/02/16

hi, i read about samba4wins, which is really a great work from the team! do you know, if this will work with samba v3.0.14a? i ask because a german news service writes that it?s only possible with 3.0.21 (http://www.heise.de/newsticker/meldung/69132), but i can?t find this information in the notes on http://ftp.sernet.de/pub/samba4WINS/samba4wins-1.0.0-16/ thx for helping me! -- Michael

We have recently upgraded to : samba-3.0.21 openssl-0.9.7g krb5-1.4.3 openldap-2.3.11 db-4.4.16 cyrus-sasl-2.1.21 m4-1.4.4flex-2.5.31 autoconf-2.59 libiconv-1.9.1 gcc-3.4.2 bison-2.1 automake-1.9 libtool-1.5.22 and have got samba authenticating against our 2003 AD servers, however we now discovered that someone has setup xdm to use pam authentication to the old NT4 domain using xdm.pam and

Hi All, I am upgrading form samba 3.04 to 3.0.21 to resolve some ADS authentication problem that happens after each Windows security patch and also stay current. I could not find a straight forward procedure to compile and configure samba except this link which I guess is not complete:

We have a three-way Samba trust in our development environment. All three are using OpenLDAP and Samba 3.0.21. The LDAP database is shared for access to Posix/Samba user info. SID's are appropriately assigned to the users and machines with algorithmic RID's and the IDMAP table is preloaded with the SID-RID to UID mappings. This all works and was tested with assigning windows ACLs to shares

I've built Samba 3.0.21 with Kerb ADS, NSS, Winbind and PAM support on Solaris 9 using gcc 3.3.2. I'm able to compile and install and authentication works fine - I can query and authenticate with AD, but when I su, passwd or some other local auth Solaris command the command segfaults. This even happens if a valid user is in any of the databases previous in the search pattern to