/usr/sbin/scanners,  GUI  tool  for  scanners  setup,   root-suid,
  contains an ugly and easily exploitable bug that allows any  local
  user to gain root priviledges.  It's part of Impressario package.

    strings /usr/sbin/scanners | grep SGIHELPROOT

  If string is found, your system is probably vulnerable.

  Bug  itself  is  pretty  lame.   scanners  runs  with  uid=0   and
  euid=luserid, and doesn't change uid before calling sgihelp.   And
  it's even more gullible than LicenceManager v1.0 -- it takes  path
  for  help  program  from  SGIHELPROOT  environment  variable.   So
  setting SGIHELPROOT to /tmp  and putting something called  sgihelp
  in /tmp,  then running  scanners and  selecting any  line in  Help
  menu will execute this something as root.  Pretty neat.  This  bug
  is brought to You by Yuri Volobuev.