Design/Logic Flaw

aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/, b /tmp/.intro, c /tmp/aegis..ae, d /tmp/aegis., e /tmp/aegis..1, f /tmp/aegis..2, g /tmp/aegis..log, and h /tmp/aegis..out temporary files, related to the 1 bngdvlpd.sh, 2 bngrvwd.sh, 3...