Debian Security Advisory DSA 256-1 (mhc)

Summary
The remote host is missing an update to mhc announced via advisory DSA 256-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20256-1
Insight
It has been discovered that adb2mhc from the mhc-utils package. The default temporary directory uses a predictable name. This adds a vulnerability that allows a local attacker to overwrite arbitrary files the users has write permissions for. For the stable distribution (woody) this problem has been fixed in version 0.25+20010625-7.1. For the old stable distribution (potato) does not contain mhc packages. For the unstable distribution (sid) this problem has been fixed in version 0.25+20030224-1. We recommend that you upgrade your mhc-utils packages.