Lucene search
HistoryJun 02, 2006 - 10:18 a.m.
CVE-2006-2662
vmware
server
memory
credentials
privileges
local attackers
security vulnerability
cve-2006-2662
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.6%
VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges.
Affected configurations
Node
vmwareserverMatch1.0.1_build_29996
| CPE | Name | Operator | Version |
|---|---|---|---|
| vmware:server | vmware server | eq | 1.0.1_build_29996 |
Related
nvd
nvd
CVE-2006-2662
2006-06-02 10:18:00
prion
prion
Design/Logic Flaw
2006-06-02 10:18:00
securityvulns
securityvulns
VMSA-2006-0002 - VMware Server sensitive information lifetime issue
2006-06-03 00:00:00
cvelist
cvelist
CVE-2006-2662
2006-06-02 10:00:00
openvas
openvas
Debian Security Advisory DSA 1612-1 (ruby1.8)
2008-08-15 00:00:00
Debian Security Advisory DSA 1618-1 (ruby1.9)
2008-08-15 00:00:00
debian
debian
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities
2008-07-26 15:17:57
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities
2008-07-21 17:29:08
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.6%
Related for CVE-2006-2662