sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.Referenceshttp://secunia.com/advisories/32875https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00475.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-November/msg00431.htmlhttp://secunia.com/advisories/32806http://lists.debian.org/debian-devel/2008/08/msg00347.htmlhttp://uvw.ru/report.sid.txt
