PT-2020-12219 · Mx Linux+2 · Mx Linux+2

Published

2020-03-14

Updated

2021-07-21

CVE-2020-10587

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions antiX (affected versions not specified) MX Linux (affected versions not specified)

Description The issue allows local users to achieve root access via "persist-config --command /bin/sh" due to the Sudo configuration.

Recommendations For antiX, update the Sudo configuration to prevent unauthorized access. For MX Linux, update the Sudo configuration to prevent unauthorized access. As a temporary workaround, consider restricting the use of the persist-config command until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-10587

Affected Products

Mx Linux

Sudo

Antix

PT-2020-12219 · Mx Linux+2 · Mx Linux+2

CVE-2020-10587

Related Identifiers

Affected Products

References · 4