The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15102
http://www.securityfocus.com/bid/9616
http://www.excluded.org/advisories/advisory10.txt