Vulnerability Details : CVE-2006-3589
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Products affected by CVE-2006-3589
- cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3589
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-3589
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
3.6
|
LOW | AV:L/AC:L/Au:N/C:P/I:P/A:N |
3.9
|
4.9
|
NIST |
References for CVE-2006-3589
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/27881
-
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
Page not found
-
http://www.securityfocus.com/archive/1/440583/100/0/threaded
-
http://www.securityfocus.com/archive/1/456546/100/200/threaded
-
http://www.securityfocus.com/bid/19060
-
http://kb.vmware.com/kb/2467205
-
http://www.vupen.com/english/advisories/2006/2880
-
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
Page not found
-
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
Page not found
-
http://www.securityfocus.com/bid/19062
-
http://www.securityfocus.com/archive/1/441082/100/0/threaded
-
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
Page not found
-
http://securitytracker.com/id?1016536
Jump to