Python keyring lib before 0.10 created keyring files with world-readable permissions.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 7.0 | |
keyring | lt | 0.10 |
www.openwall.com/lists/oss-security/2012/11/27/3
bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1
bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg
bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577
security-tracker.debian.org/tracker/CVE-2012-5577