CVE-2005-1387 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-1387

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.

Affected Software

Name	Vendor	Start Version	End Version
Cocktail	Kristofer_szymanski	3.5.4 (including)	3.5.4 (including)

References

http://marc.info/?l=bugtraq\u0026m=111480898530362\u0026w=2
http://secunia.com/advisories/15201
http://www.osvdb.org/16046
http://www.securityfocus.com/bid/13449
http://marc.info/?l=bugtraq\u0026m=111480898530362\u0026w=2
http://secunia.com/advisories/15201
http://www.osvdb.org/16046
http://www.securityfocus.com/bid/13449