Debian Security Advisory 1086-1: The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1.
6c651630037fb5a3d3e0c09a5a7566cd2e210e7396cd7553174d3d3cea923642