Launchpad.net

CVE 2008-5150

sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file.

See the CVE page on Mitre.org for more details.