GLSA 200409-25 (средняя) - CUPS: Denial of service vulnerability
A vulnerability in CUPS allows remote attackers to cause a denial of service when sending a carefully-crafted UDP packet to the IPP port.

GLSA 200409-24 (высокая) - Foomatic: Arbitrary command execution in foomatic-rip filter
The foomatic-rip filter in foomatic-filters contains a vulnerability which may allow arbitrary command execution on the print server.

GLSA 200409-23 (низкая) - SnipSnap: HTTP response splitting
SnipSnap is vulnerable to HTTP response splitting attacks such as web cache poisoning, cross-user defacement, and cross-site scripting.

GLSA 200409-22 (средняя) - phpGroupWare: XSS vulnerability in wiki module
The phpGroupWare software contains a cross site scripting vulnerability in the wiki module.

GLSA 200409-21 (средняя) - Apache 2, mod_dav: Multiple vulnerabilities
Several vulnerabilities have been found in Apache 2 and mod_dav for Apache 1.3 which could allow a remote attacker to cause a Denial of Service or a local user to get escalated privileges.

GLSA 200409-20 (средняя) - mpg123: Buffer overflow vulnerability
mpg123 decoding routines contain a buffer overflow bug that might lead to arbitrary code execution.

GLSA 200409-19 (высокая) - Heimdal: ftpd root escalation
Several bugs exist in the Heimdal ftp daemon which could allow a remote attacker to gain root privileges.

GLSA 200409-18 (высокая) - cdrtools: Local root vulnerability in cdrecord if set SUID root
cdrecord, if manually set SUID root, is vulnerable to a local root exploit allowing users to escalate privileges.

GLSA 200409-17 (высокая) - SUS: Local root vulnerability
SUS contains a string format bug that could lead to local privilege escalation.

GLSA 200409-16 (средняя) - Samba: Denial of Service vulnerabilities
Two Denial of Service vulnerabilities have been found and fixed in Samba.

GLSA 200409-15 (средняя) - Webmin, Usermin: Multiple vulnerabilities in Usermin
A vulnerability in the webmail function of Usermin could be used by an attacker to execute shell code via a specially-crafted e-mail. A bug in the installation script of Webmin and Usermin also allows a local user to execute a symlink attack at installation time.

GLSA 200409-14 (низкая) - Samba: Remote printing non-vulnerability
Samba has a bug with out of sequence print change notification requests, but it cannot be used to perform a remote denial of service attack.

GLSA 200409-13 (средняя) - LHa: Multiple vulnerabilities
Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code.

GLSA 200409-12 (средняя) - ImageMagick, imlib, imlib2: BMP decoding buffer overflows
ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.

GLSA 200409-11 (высокая) - star: Suid root vulnerability
star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker.

GLSA 200409-10 (средняя) - multi-gnome-terminal: Information leak
Active keystroke logging in multi-gnome-terminal has been discovered in potentially world-readable files. This could allow any authorized user on the system to read sensitive data, including passwords.

GLSA 200409-09 (высокая) - MIT krb5: Multiple vulnerabilities
MIT krb5 contains several double-free vulnerabilities, potentially allowing the execution of arbitrary code, as well as a denial of service vulnerability.

GLSA 200409-08 (средняя) - Ruby: CGI::Session creates files insecurely
When used for CGI scripting, Ruby creates session files in /tmp with the permissions of the default umask. Depending on that umask, local users may be able to read sensitive data stored in session files.

GLSA 200409-07 (средняя) - xv: Buffer overflows in image handling
xv contains multiple exploitable buffer overflows in the image handling code.

GLSA 200409-06 (средняя) - eGroupWare: Multiple XSS vulnerabilities
The eGroupWare software contains multiple cross site scripting vulnerabilities.