Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1634-1
HistoryNov 20, 2012 - 12:00 a.m.

Python Keyring vulnerabilities

2012-11-2000:00:00
ubuntu.com
40

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

Releases

  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 11.10

Packages

  • python-keyring - store and access your passwords safely

Details

Dwayne Litzenberger discovered that Python Keyring’s CryptedFileKeyring
file format used weak cryptography. A local attacker may use this issue to
brute-force CryptedFileKeyring keyring files. This issue only affected
Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-4571)

It was discovered that Python Keyring created keyring files with insecure
permissions. A local attacker could use this issue to access keyring files
belonging to other users.

OSVersionArchitecturePackageVersionFilename
Ubuntu12.10noarchpython3-keyring< 0.9.2-1ubuntu0.2UNKNOWN
Ubuntu12.10noarchpython-keyring< 0.9.2-1ubuntu0.2UNKNOWN
Ubuntu12.04noarchpython3-keyring< 0.9.2-0ubuntu0.12.04.2UNKNOWN
Ubuntu12.04noarchpython-keyring< 0.9.2-0ubuntu0.12.04.2UNKNOWN
Ubuntu11.10noarchpython-keyring< 0.9.2-0ubuntu0.11.10.2UNKNOWN

Related

fedora 2
openvas 6
github 1
securityvulns 1
nvd 1
prion 1
nessus 3
osv 2
ubuntucve 1
debiancve 1
cvelist 1
cve 1
fedora
fedora
[SECURITY] Fedora 20 Update: python-keyring-3.3-1.fc20
2013-12-14 03:35:29
[SECURITY] Fedora 19 Update: python-keyring-3.3-1.fc19
2013-12-04 06:59:53
openvas
openvas
Ubuntu: Security Advisory (USN-1634-1)
2012-11-23 00:00:00
Ubuntu Update for python-keyring USN-1634-1
2012-11-23 00:00:00
Fedora Update for python-keyring FEDORA-2013-22694
2013-12-17 00:00:00
github
github
Python Keyring does not securely initialize encryption cipher
2022-05-17 05:18:21
securityvulns
securityvulns
python keyring weak cryptography
2012-12-09 00:00:00
nvd
nvd
CVE-2012-4571
2012-11-30 22:55:01
prion
prion
Default credentials
2012-11-30 22:55:00
nessus
nessus
Ubuntu 11.10 / 12.04 LTS / 12.10 : python-keyring vulnerabilities (USN-1634-1)
2012-11-21 00:00:00
Fedora 20 : python-keyring-3.3-1.fc20 (2013-22644)
2013-12-14 00:00:00
Fedora 19 : python-keyring-3.3-1.fc19 (2013-22694)
2013-12-04 00:00:00
osv
osv
Python Keyring does not securely initialize encryption cipher
2022-05-17 05:18:21
PYSEC-2012-8
2012-11-30 22:55:00
ubuntucve
ubuntucve
CVE-2012-4571
2012-11-06 00:00:00
debiancve
debiancve
CVE-2012-4571
2012-11-30 22:55:01
cvelist
cvelist
CVE-2012-4571
2012-11-30 22:00:00
cve
cve
CVE-2012-4571
2012-11-30 22:55:01

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for USN-1634-1
fedora2openvas6github1securityvulns1nvd1prion1nessus3osv2ubuntucve1debiancve1cvelist1cve1