CVE-2008-5372

Name of the Vulnerable Software and Affected Versions sdm-terminal version 0.4.0b

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. This is related to the sdm-login component in sdm-terminal.

Recommendations For version 0.4.0b, consider restricting access to the sdm-login component to minimize the risk of exploitation. As a temporary workaround, avoid using the sdm-login feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.