COPS Security Checker contains a flaw that allows local attackers to overwrite arbitrary files and possibly gain root priveleges. The flaw is due to a lack of sanity checking on calls to temporary files created in /tmp that do not check for existing files with the same name. Such flaws can be taken advantage of with symlinks and arbitrary files can be overwritten or appended to.
Modify the source code to the package to avoid using the /tmp directory. Instead, recode it to use a custom directory only accessable to root. There is also an untested patch written by the reporter of this vulnerability.