Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2662

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-2662
Last Modified 07 Mar 2011 09:36:43
Published 02 Jun 2006 06:18:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2662

Summary

VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges.

Vulnerable Systems

Application

  • Vmware Server 1.0.1 Build 29996


References

CONFIRM - http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2124

VUPEN - ADV-2006-2104

XF - vmware-server-information-disclosure(26879)

BID - 18236

BUGTRAQ - 20060602 VMSA-2006-0002 - VMware Server sensitive information lifetime issue

SECTRACK - 1016200


Last Updated: 27 May 2016 10:42:42