The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.