ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.
http://www.zataz.net/adviso/ncompress-09052005.txt
http://securityreason.com/securityalert/12