CVE-2012-0808

Name of the Vulnerable Software and Affected Versions as31 versions 2.3.1 through 2.3.1-4

Description The issue makes it easier for local users to create or truncate files via a symlink attack because the random number generator is not seeded and generates predictable temporary file names.

Recommendations For versions 2.3.1 through 2.3.1-4, consider implementing a proper random number generator seeding mechanism to prevent predictable temporary file name generation. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.