Launchpad CVE tracker

CVE 2009-0669

Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.

Related bugs and status

CVE-2009-0669 (Candidate) is related to these bugs:

Bug #356137: zope3 fails on start-up in jaunty

Summary				In	Importance	Status
	356137	zope3 fails on start-up in jaunty		zope3 (Ubuntu)	Undecided	Fix Released

Bug #415287: Sync zope2.10 2.10.9-1 (universe) from Debian unstable (main).

Summary				In	Importance	Status
	415287	Sync zope2.10 2.10.9-1 (universe) from Debian unstable (main).		zope2.10 (Ubuntu)	Wishlist	Fix Released

Bug #418008: Depends by zope-common version not available

Summary				In	Importance	Status
	418008	Depends by zope-common version not available		zope2.10 (Ubuntu)	Medium	Confirmed

Bug #424820: [FFe] Update zodb to 1:3.8.3-1 from Debian unstable (main)

Summary				In	Importance	Status
	424820	[FFe] Update zodb to 1:3.8.3-1 from Debian unstable (main)		zodb (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-0669

References