Vulnerabilities > CVE-2005-1387 - Unspecified vulnerability in Kristofer Szymanski Cocktail 3.5.4
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |