Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/3334
http://www.ethereal.com/lists/ethereal-dev/199907/msg00130.html
http://www.ethereal.com/lists/ethereal-dev/199907/msg00126.html