xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption).Referenceshttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366816http://www.debian.org/security/2006/dsa-1086http://secunia.com/advisories/20078https://exchange.xforce.ibmcloud.com/vulnerabilities/26452
