CVE-2006-5817

Name of the Vulnerable Software and Affected Versions: Parallels Desktop for Mac Build 1940

Description: The issue concerns insecure permissions used by prl dhcpd in Parallels Desktop for Mac. Specifically, it uses permissions of 0666 for the /Library/Parallels/.dhcpd configuration file, allowing local users to modify the DHCP configuration.

Recommendations: For Parallels Desktop for Mac Build 1940, consider changing the permissions of the /Library/Parallels/.dhcpd configuration file to prevent local users from modifying the DHCP configuration. As a temporary workaround, restrict access to the .dhcpd configuration file to minimize the risk of exploitation.