Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.