Insecure File Permissions in Parallels Desktop for Mac
CVE-2006-5817

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Desktop
Vendor: CVE Published:; 8 November 2006

What is CVE-2006-5817?

The Parallels Desktop for Mac Build 1940 has a security vulnerability due to insecure file permissions set to 0666 for the file /Library/Parallels/.dhcpd_configuration. This misconfiguration allows local users to alter DHCP settings, which could lead to unauthorized network access or disruptions. Proper permissions should be enforced to ensure that only authorized users can modify this critical configuration file.

References

http://secunia.com/advisories/22634

third-party-advisoryx_refsource_SECUNIA

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Nov 8, 2006
Vulnerability Reserved
Nov 8, 2006