Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26191
http://www.vupen.com/english/advisories/2006/1591