Unrated severityNVD Advisory· Published Jul 21, 2006· Updated Apr 16, 2026
CVE-2006-3589
CVE-2006-3589
Description
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Affected products
11- cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- secunia.com/advisories/21120nvdVendor Advisory
- kb.vmware.com/kb/2467205nvd
- secunia.com/advisories/23680nvd
- securitytracker.com/idnvd
- www.osvdb.org/27418nvd
- www.securityfocus.com/archive/1/440583/100/0/threadednvd
- www.securityfocus.com/archive/1/441082/100/0/threadednvd
- www.securityfocus.com/archive/1/456546/100/200/threadednvd
- www.securityfocus.com/bid/19060nvd
- www.securityfocus.com/bid/19062nvd
- www.vmware.com/support/esx2/doc/esx-202-200612-patch.htmlnvd
- www.vmware.com/support/esx21/doc/esx-213-200612-patch.htmlnvd
- www.vmware.com/support/esx25/doc/esx-253-200612-patch.htmlnvd
- www.vmware.com/support/esx25/doc/esx-254-200612-patch.htmlnvd
- www.vupen.com/english/advisories/2006/2880nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27881nvd
News mentions
0No linked articles in our index yet.