CVE-2009-5014

Name of the Vulnerable Software and Affected Versions TurboGears2 versions prior to 2.0.2

Description The default quickstart configuration has a weak cookie salt, making it easier for remote attackers to bypass authentication via a forged authorization cookie.

Recommendations For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue.