Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.