Debian Security Advisory DSA 883-1 - The Debian Security Audit team has discovered that the syslogtocern script from thttpd, a tiny webserver, uses a temporary file insecurely, allowing a local attacker to craft a symlink attack to overwrite arbitrary files.
ea3a51b910f30ac15738c82b57ed5c2f6c9cece09275321119b110f63fc4e07f