Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-4944
HistoryAug 27, 2012 - 12:00 a.m.

CVE-2011-4944

2012-08-2700:00:00
ubuntu.com
ubuntu.com
11

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.1%

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions
before changing them after data has been written, which introduces a race
condition that allows local users to obtain a username and password by
reading this file.

Bugs

Notes

Author Note
tyhicks Code in Lib/distutils/command/register.py in 2.4 and 2.5
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchpython2.4< 2.4.5-1ubuntu4.4UNKNOWN
ubuntu8.04noarchpython2.5< 2.5.2-2ubuntu6.2UNKNOWN
ubuntu10.04noarchpython2.6< 2.6.5-1ubuntu6.1UNKNOWN
ubuntu11.04noarchpython2.6< 2.6.6-6ubuntu7.1UNKNOWN
ubuntu11.10noarchpython2.6< 2.6.7-4ubuntu1.1UNKNOWN
ubuntu11.04noarchpython2.7< 2.7.1-5ubuntu2.2UNKNOWN
ubuntu11.10noarchpython2.7< 2.7.2-5ubuntu1.1UNKNOWN
ubuntu10.04noarchpython3.1< 3.1.2-0ubuntu3.2UNKNOWN
ubuntu11.04noarchpython3.1< 3.1.3-1ubuntu1.2UNKNOWN
ubuntu11.04noarchpython3.2< 3.2-1ubuntu1.2UNKNOWN
Rows per page:
1-10 of 131

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.1%