CVE-2006-3589

cve@mitre.org

Details

CVSS v2: 3.6
NVD published: 2006-07-21 14:03:00
Affected versions: cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:* cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:* cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.1:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:* cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
Summary: vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.