Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2009-1300

Published: 16/04/2009 Updated: 08/01/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Debian

Vulnerability Summary

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

Vulnerable Product Search on Vulmon Subscribe to Product

debian advanced package tool 0.7.20

Vendor Advisories

Ubuntu Security Notice: apt vulnerabilities
Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become permanently disabled (CVE-2009-1300) ...
Debian CVElist Bug Report Logs: /etc/cron.daily/apt does not check return code of date
Debian Bug report logs - #523213 /etc/crondaily/apt does not check return code of date Package: apt; Maintainer for apt is APT Development Team <deity@listsdebianorg>; Source for apt is src:apt (PTS, buildd, popcon) Reported by: Jamie Strandboge <jamie@ubuntucom> Date: Wed, 8 Apr 2009 22:42:01 UTC Severity: gra ...
Debian CVElist Bug Report Logs: ignores expiry of archive keys
Debian Bug report logs - #433091 ignores expiry of archive keys Package: apt; Maintainer for apt is APT Development Team <deity@listsdebianorg>; Source for apt is src:apt (PTS, buildd, popcon) Reported by: martin f krafft <madduck@debianorg> Date: Sat, 14 Jul 2007 11:30:01 UTC Severity: important Tags: security ...
Debian Security Advisories: DSA-1779-1 apt -- several vulnerabilities
Two vulnerabilities have been discovered in APT, the well-known dpkg frontend The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1300 In time zones where daylight savings time occurs at midnight, the apt crondaily script fails, stopping new security updates from being applied automatically C ...

References

CWE-20http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793http://www.openwall.com/lists/oss-security/2009/04/08/11http://secunia.com/advisories/34832http://secunia.com/advisories/34829http://www.debian.org/security/2009/dsa-1779http://secunia.com/advisories/34874https://usn.ubuntu.com/762-1/https://usn.ubuntu.com/762-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook