Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes.
Score: 3.0
Priority: P2 - Serious (High)
Score: 0.00049
Percentile:
0.15023
CVSS v2 Score: 7.2
Severity: