Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file.
http://www.securityfocus.com/bid/38924
http://www.securityfocus.com/archive/1/510306/100/0/threaded