1.9

CVE-2011-4944

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PythonPython Version2.6.1
PythonPython Version2.6.2
PythonPython Version2.6.3
PythonPython Version2.6.4
PythonPython Version2.6.5
PythonPython Version2.6.6
PythonPython Version2.6.7
PythonPython Version2.6.8
PythonPython Version2.6.2150
PythonPython Version2.6.6150
PythonPython Version2.7.1
PythonPython Version2.7.1 Updaterc1
PythonPython Version2.7.2 Updaterc1
PythonPython Version2.7.3
PythonPython Version2.7.1150
PythonPython Version2.7.1150 HwPlatformx64
PythonPython Version2.7.2150
PythonPython Version3.0
PythonPython Version3.0.1
PythonPython Version3.1
PythonPython Version3.1.1
PythonPython Version3.1.2
PythonPython Version3.1.3
PythonPython Version3.1.4
PythonPython Version3.1.5
PythonPython Version3.1.2150 HwPlatformx64
PythonPython Version3.2
PythonPython Version3.2 Updatealpha
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.341
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/50858
http://secunia.com/advisories/51024
http://secunia.com/advisories/51040
http://secunia.com/advisories/51087
http://www.ubuntu.com/usn/USN-1596-1
http://www.ubuntu.com/usn/USN-1613-1
http://www.ubuntu.com/usn/USN-1613-2
http://www.ubuntu.com/usn/USN-1616-1
http://www.ubuntu.com/usn/USN-1592-1
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://secunia.com/advisories/51089
http://www.ubuntu.com/usn/USN-1615-1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555
http://bugs.python.org/file23824/pypirc-secure.diff
http://bugs.python.org/issue13512
http://www.openwall.com/lists/oss-security/2012/03/27/10
http://www.openwall.com/lists/oss-security/2012/03/27/2
http://www.openwall.com/lists/oss-security/2012/03/27/5
https://bugzilla.redhat.com/show_bug.cgi?id=758905