Cocktail 3.5.4 and Earlier in Mac OS X Vulnerability: Cleartext Transmission of Administrative Password
CVE-2005-1387 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.
Learn more about our User Device Pen Test.