Python 2.6 up to and including 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python 2.6.2 |
||
python python 2.6.5 |
||
python python 2.7.2 |
||
python python 2.7.1 |
||
python python 3.2 |
||
python python 2.6.2150 |
||
python python 2.6.6 |
||
python python 2.6.4 |
||
python python 2.7.2150 |
||
python python 3.0.1 |
||
python python 3.0 |
||
python python 2.6.7 |
||
python python 2.6.8 |
||
python python 2.6.1 |
||
python python 2.6.3 |
||
python python 2.7.1150 |
||
python python 3.1.2 |
||
python python 3.1.1 |
||
python python 3.1.4 |
||
python python 3.1.3 |
||
python python 2.6.6150 |
||
python python 3.1.2150 |
||
python python 3.1 |
||
python python 2.7.3 |
||
python python 3.1.5 |