CVE

Id
38104  
CVE No.
CVE-2009-0669  
Status
Candidate  
Description
Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.  
Phase
Assigned (20090222)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
414274 38104 CVE-2009-0669 MLIST:[zope-announce] 20090806 CVE-2009-0668 and CVE-2009-0669: Releases to fix ZODB ZEO server vulnerabilities  View
414275 38104 CVE-2009-0669 URL:http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html  View
414276 38104 CVE-2009-0669 CONFIRM:http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2  View
414277 38104 CVE-2009-0669 BID:35987  View
414278 38104 CVE-2009-0669 URL:http://www.securityfocus.com/bid/35987  View
414279 38104 CVE-2009-0669 OSVDB:56826  View
414280 38104 CVE-2009-0669 URL:http://osvdb.org/56826  View
414281 38104 CVE-2009-0669 SECUNIA:36204  View
414282 38104 CVE-2009-0669 URL:http://secunia.com/advisories/36204  View
414283 38104 CVE-2009-0669 SECUNIA:36205  View
414284 38104 CVE-2009-0669 URL:http://secunia.com/advisories/36205  View
414285 38104 CVE-2009-0669 VUPEN:ADV-2009-2217  View
414286 38104 CVE-2009-0669 URL:http://www.vupen.com/english/advisories/2009/2217  View
414287 38104 CVE-2009-0669 XF:zope-protocol-auth-bypass(52379)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44823 JVNDB-2009-005830 Raven Web Services RavenNuke の Your Account モジュールにおける任意の PHP コードを実行される脆弱性 Raven Web Services RavenNuke の Your Account モジュールの Custom Fields 機能は、Eval インジェクションにより、任意の PHP コードを実行される脆弱性が存在します。 CVE-2009-0673 38104 6.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005830.html  View