Unrated severityNVD Advisory· Published Jul 21, 2006· Updated Jun 16, 2026
CVE-2006-3589
CVE-2006-3589
Description
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12- cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
- Range: 2.x
Patches
Vulnerability mechanics
References
16- secunia.com/advisories/21120nvdVendor Advisory
- kb.vmware.com/kb/2467205nvd
- secunia.com/advisories/23680nvd
- securitytracker.com/idnvd
- www.osvdb.org/27418nvd
- www.securityfocus.com/archive/1/440583/100/0/threadednvd
- www.securityfocus.com/archive/1/441082/100/0/threadednvd
- www.securityfocus.com/archive/1/456546/100/200/threadednvd
- www.securityfocus.com/bid/19060nvd
- www.securityfocus.com/bid/19062nvd
- www.vmware.com/support/esx2/doc/esx-202-200612-patch.htmlnvd
- www.vmware.com/support/esx21/doc/esx-213-200612-patch.htmlnvd
- www.vmware.com/support/esx25/doc/esx-253-200612-patch.htmlnvd
- www.vmware.com/support/esx25/doc/esx-254-200612-patch.htmlnvd
- www.vupen.com/english/advisories/2006/2880nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27881nvd
News mentions
0No linked articles in our index yet.