Exploit:AndroidOS/CVE-2011-1823


Exploit:AndroidOS/CVE-2011-1823 is the detection for specially crafted Android programs that attempt to exploit a vulnerability in the Android operating system to gain root privileges. The vulnerability is discussed in CVE-2011-1823.



What to do now

Install antivirus software for your mobile device. For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Threat behavior


Installation

Exploit:AndroidOS/CVE-2011-1823 may be dropped and installed by Exploit:AndroidOS/GingerBreak.

Payload

Performs privileged operations

When run on a vulnerable device, Exploit:AndroidOS/CVE-2011-1823 gains administrator privileges, allowing it to perform operations with elevated privileges.

Analysis by Tim Liu


Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.


Prevention


Alert level: Severe
First detected by definition: 1.119.504.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: Jan 24, 2012
This entry was first published on: Jan 24, 2012
This entry was updated on: Jan 27, 2012

This threat is also detected as:
  • Exploit.Linux.Lotoor.q (Kaspersky)
  • Android.Exploit.GingerBreak.C (BitDefender)
  • Linux/Exploit.Lotoor.AJ trojan (ESET)
  • Exploit.Linux.Lotoor (Ikarus)
  • Linux/Exploit-Lotoor (McAfee)
  • AndroidOS_LOTOOR.E (Trend Micro)