Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.Referenceshttp://www.iss.net/security_center/static/7714.phphttp://rhn.redhat.com/errata/RHSA-2001-171.htmlhttp://www.securityfocus.com/bid/3987
