Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2011-4944
HistoryAug 27, 2012 - 11:55 p.m.

CVE-2011-4944

2012-08-2723:55:01
Debian Security Bug Tracker
security-tracker.debian.org
14

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.1%

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.

OSVersionArchitecturePackageVersionFilename
Debian11allpython2.7< 2.7.3~rc2-2python2.7_2.7.3~rc2-2_all.deb
Debian10allpython2.7< 2.7.3~rc2-2python2.7_2.7.3~rc2-2_all.deb

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.1%