CVE-2006-3589

low

VMware

CVSS v3 Base Score

3.6

AV:L/AC:L/Au:N/C:P/I:P/A:N

EPSS Score

0.1%

Exploitation probability in 30 days

Top 80% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

None

Published: July 21, 2006 (7237 days ago)

Last Modified: April 16, 2026

Vendor: VMware

Source: NVD

Description

vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.

CWE

NVD-CWE-Other

Affected Products

vmware infrastructurevmware playervmware servervmware workstationvmware esx

References

🔗 kb.vmware.com 🔗 secunia.com 🔗 secunia.com 🔗 securitytracker.com 🔗 www.osvdb.org

CVE-2006-3589

Vulnerability Report

Description

CWE

Affected Products

References