1. Symantec/
  2. Security Response/
  3. OSX.Exploit.Launchd


Risk Level 1: Very Low

June 30, 2006
June 30, 2006 11:08:01 PM
Systems Affected:
OSX.Exploit.Launchd is a Trojan horse that exploits the Apple Mac OS X LaunchD Local Format String Vulnerability (BID 18724). It provides root access on the Macintosh OSX version 10.4.6 or earlier.

An attacker who exploits this vulnerability could elevate the privileges of his local account on an Apple Mac OS X computer.

OSX.Exploit.Launchd is a crafted .plist configuration file for LaunchD service. In order to exploit LaunchD the attacker must execute the command:
launchctl load [MALICIOUS FILE NAME]

Once executed, the malicious code is run inside the process of LaunchD which runs with root privileges.

Next, it opens a shell with full root privileges which is controllable by the attacker.
Writeup By: Costin Ionescu
Summary| Technical Details

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube