Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kristofer szymanski cocktail 3.5.4 |