sing (http://sourceforge.net/projects/sing) is "a tool that sends ICMP packets fully customized from command line". A vulnerability in the way sing works allows local attackers who have access to a setuid root version of sing to append to any file arbitrary data, which in turn allows them to gain elevated privileges.

http://www.securiteam.com/unixfocus/6K00215KKO.html