CVE-2006-3589

vmware-config.pl - Privilege Escalation

Title source: llm
STIX 2.1

Description

vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.

References (16)

Core 16
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19060
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23680
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21120
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016536
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/440583/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2880
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19062
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456546/100/200/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/27418
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27881
Various Sources x_refsource_confirm
http://kb.vmware.com/kb/2467205
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/441082/100/0/threaded

Scores

EPSS 0.0007
EPSS Percentile 20.4%

Details

Status published
Products (11)
vmware/esx 2.0
vmware/esx 2.0.1
vmware/esx 2.1
vmware/esx 2.1.1
vmware/esx 2.1.2
vmware/esx 2.5
vmware/esx 2.5.2
vmware/infrastructure 3
vmware/player
vmware/server 1.0.1_build_29996
... and 1 more
Published Jul 21, 2006
Tracked Since Feb 18, 2026