cve/2006/CVE-2006-3589.md

### [CVE-2006-3589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.

### POC

#### Reference
- http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2006-3589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.`

			`### POC`

			`#### Reference`
			`- http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html`

			`#### Github`
			`No PoCs found on GitHub currently.`