Code injection

dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/awstats.log, b /tmp/spam.log., and c /tmp/spamerr.log temporary files, related to the 1 accesslog.php and 2 sa-wrapper scripts...