GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.