Metasploit contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the program creating temporary files insecurely. It is possible for a local attacker to use a symlink attack against the plugins/pcap_log.rb file to cause the program to unexpectedly write to, or overwrite an attacker specified file.
Local Access Required
Loss of Integrity
Upgrade to version 4.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.