Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1300

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1300
Last Modified 19 May 2009 01:34:51
Published 16 Apr 2009 11:12:57
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1300

Summary

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

Vulnerable Systems

Application

  • Debian Apt 0.7.20


References

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793

UBUNTU - USN-762-1

MLIST - [oss-security] 20090408 CVE request: apt

DEBIAN - DSA-1779

SECUNIA - 34874

SECUNIA - 34832

SECUNIA - 34829

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213

Related Patches

Microsoft .NET Framework 2.0 SP1 (See Notes) (Rev 3)

Microsoft .NET Framework 2.0 SP2 (All Languages)


Last Updated: 27 May 2016 10:50:32