Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-3760.
PoCs published by Stefan Esser, joev, including Metasploit module exploits/osx/local/dyld_print_to_file_root.
AI-analyzed exploit summary This Metasploit module exploits a privilege escalation vulnerability in Apple OS X (CVE-2015-3760) by abusing the DYLD_PRINT_TO_FILE environment variable to write arbitrary files as root via SUID-root binaries. It uploads a reverse shell payload and modifies /etc/sudoers to gain root access.
Description
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
Exploits (1)
This Metasploit module exploits a privilege escalation vulnerability in Apple OS X (CVE-2015-3760) by abusing the DYLD_PRINT_TO_FILE environment variable to write arbitrary files as root via SUID-root binaries. It uploads a reverse shell payload and modifies /etc/sudoers to gain root access.