fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
http://www.redhat.com/support/errata/RHSA-2001-103.html
http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html