vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5923
http://www.securityfocus.com/bid/2186
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3