exploitDog

CVE-2020-10587

Опубликовано: 14 мар. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.

Ссылки

https://gist.github.com/bash-c/d2055b5047e56a0b49c95b461347c619#file-antix-exp-sh
Exploit
Third Party Advisory
https://gist.github.com/bash-c/d2055b5047e56a0b49c95b461347c619#file-mx-exp-sh
Exploit
Third Party Advisory
https://gist.github.com/bash-c/d2055b5047e56a0b49c95b461347c619#file-antix-exp-sh
Exploit
Third Party Advisory
https://gist.github.com/bash-c/d2055b5047e56a0b49c95b461347c619#file-mx-exp-sh
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:antixlinux:antix_linux:-:*:*:*:*:*:*:*

cpe:2.3:o:mxlinux:mx_linux:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00136

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-j889-m9mj-xrmv

github

больше 3 лет назад

antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.

EPSS

Процентиль: 34%

0.00136

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo