Solaris 2.8 patchadd local exploit. Takes advantage of a symlink vulnerability to clobber files with output from patchadd. Tested on Solaris 2.8 Sparc with the current patch cluster applied.
a8745334e41a751bc67512da3ab3617e9e543b283f76da7d9a5b2496eef89fec