CVE-2009-1300

Sažetak

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213
http://secunia.com/advisories/34829
http://secunia.com/advisories/34832
http://secunia.com/advisories/34874
http://www.debian.org/security/2009/dsa-1779
http://www.openwall.com/lists/oss-security/2009/04/08/11
https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793
https://usn.ubuntu.com/762-1/

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

08-01-2020 - 15:11

Objavljeno

16-04-2009 - 15:12