Candidate: CVE-2009-5014
PublicDate: 2010-11-06 00:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5014
Description:
 The default quickstart configuration of TurboGears2 (aka tg2) before 2.0.2
 has a weak cookie salt, which makes it easier for remote attackers to
 bypass repoze.who authentication via a forged authorization cookie, a
 related issue to CVE-2010-3852.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS: 

Patches_turbogears2:
upstream_turbogears2: released (2.0.2)
dapper_turbogears2: DNE
hardy_turbogears2: DNE
karmic_turbogears2: not-affected (2.0.3-1)
lucid_turbogears2: not-affected (2.0.3-1)
maverick_turbogears2: not-affected (2.0.3-2)
devel_turbogears2: not-affected (2.0.3-2)