CVE-2009-1300

Published: Apr 16, 2009Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

Affected (1)

Products: Debian: Advanced Package Tool

Debian

1 product

Advanced Package Tool

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Debian Advanced Package Tool	Version 0.7.20

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (16)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213

Source: cve@mitre.org

http://secunia.com/advisories/34829

Source: cve@mitre.org

http://secunia.com/advisories/34832

Source: cve@mitre.org

http://secunia.com/advisories/34874

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1779

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2009/04/08/11

Source: cve@mitre.org

https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793

Source: cve@mitre.org

https://usn.ubuntu.com/762-1/

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213