This Metasploit module exploits a SUID installation of the Emacs movemail utility to run a command as root by writing to 4.3BSD's /usr/lib/crontab.local. The vulnerability is documented in Cliff Stoll's book The Cuckoo's Egg.
9a45ef7c2c0d7e05f3ad54afa5cf8a4f5e411cdd781a161604fbfb0258e39186