SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.
source: wwwsecurityfocuscom/bid/8778/info
A problem exists in the SuSEWM configuration file used by SuSEConfig Because of this, it may be possible for a local attacker to gain elevated privileges
/*
* Proof of Concept for SuSEconfigvmware Symbolic Link
* Tested on SuSE 82
* Nash Leon - nashleon@yahoocombr
*
* Reference:
...