Detections
Analytics

CVE-2009-1300

critical

Description

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

References

https://usn.ubuntu.com/762-1/

https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793

http://www.openwall.com/lists/oss-security/2009/04/08/11

http://www.debian.org/security/2009/dsa-1779

http://secunia.com/advisories/34874

http://secunia.com/advisories/34832

http://secunia.com/advisories/34829

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213

Details

Source: Mitre, NVD

Published: 2009-04-16

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01081