From angelarifb at gmail.com Tue Dec 14 13:39:42 2010
From: angelarifb at gmail.com (Eugene Zola)
Date: Tue, 14 Dec 2010 21:39:42 +0200
Subject: [VIM] Post positive reviews

Google's Huge Change and How it affects you.

- Anyone can now post bad reviews and kill your rank.
- We post good reviews and improve your rank.
- We post good reviews to keep others from killing your rank.

Google: Judge, Jury and Online Shopping Executioner

Google rank is based on reviews of your business? Google Statement:

"...in the last few days we developed an algorithmic solution which detects the merchant from the Times article along with hundreds of other merchants that, in our opinion, provide an extremely poor user experience. The algorithm we incorporated into our search rankings represents an initial solution to this issue, and Google users are now getting a better experience as a result."

This means that anyone can write bad reviews about your business and lower your ranking. We knew that getting good reviews and not getting bad reviews was always important. Now it is a must to have good reviews for your business to keep the rank safe or to improve rank with Google.

We post positive reviews for your company. We have the experience and ability to post hundreds of positive reviews that are all unique content and posted on unique IP addresses.

www.postgoodreviews.com

From coley at linus.mitre.org Fri Dec 17 10:50:13 2010
From: coley at linus.mitre.org (Steven M. Christey)
Date: Fri, 17 Dec 2010 11:50:13 -0500 (EST)
Subject: [VIM] Oracle/Sunalert links now in stable location

Looks like Christmas came early... I got this from Oracle. Haven't investigated closely yet. Seems like the login doesn't require an active contract...
- Steve

----------------------

To make referring to these Sun Alerts easier we have created an index of Security Sun Alerts and mappings for legacy SunSolve IDs:

http://download.oracle.com/sunalerts

It lists 935 different Sun Alerts published since 2003 plus three reference documents listing alerts published in 2000, 2001 and 2002.

A free archival copy of a document using the new ID can be reached at a URL similar to:

http://download.oracle.com/sunalerts/1000001.1.html

The original/latest can now be found at:

https://support.oracle.com/CSP/main/article?type=NOT&id=1000001.1

It may require a login account with support.oracle.com

From jericho at attrition.org Mon Dec 20 02:16:25 2010
From: jericho at attrition.org (security curmudgeon)
Date: Mon, 20 Dec 2010 02:16:25 -0600 (CST)
Subject: [VIM] SAP - 500+ security notes

http://www.h-online.com/security/news/item/Over-500-patches-for-SAP-1153061.html

14 December 2010, 20:40

Over 500 patches for SAP

On Tuesday, SAP, one of the largest manufacturers of business applications and enterprise software, released a huge number of so-called Security Notes. An e-mail sent to SAP customers speaks euphemistically of "a significant number of security notes"; it's rumoured there are 525 of these notes. According to the email, the "volume of fixes" was due to the use of new tools and methods in the quality assurance process.

The vulnerabilities range from directory traversal via cross-site scripting to SQL injection. However, most of the patches can be added through a "technical upgrade" to the new product release "SAP Business Suite 7 Innovations 2010". This then leaves only a handful of patches to be added manually. Details of the vulnerabilities and the patches have not been made public and are only available to customers with ID and password access to the Service Market Place on SAP sites.
From sanhill at us.ibm.com Mon Dec 20 05:10:46 2010
From: sanhill at us.ibm.com (Sandra Hill)
Date: Mon, 20 Dec 2010 04:10:46 -0700
Subject: [VIM] AUTO: Sandra Hill is out of the office (returning 12/28/2010)

I am out of the office until 12/28/2010.

Note: This is an automated response to your message "[VIM] SAP - 500+ security notes" sent on 12/20/10 1:16:25. This is the only notification you will receive while this person is away.

From theall at tenable.com Thu Dec 23 09:19:20 2010
From: theall at tenable.com (George A. Theall)
Date: Thu, 23 Dec 2010 10:19:20 -0500
Subject: [VIM] Joomla Component com_ponygallery Remote File Inclusion Vulnerabilities
Message-ID: <5DA2758D-CB6C-4CB1-8B3D-F8DE7099E82F@tenable.com>

The issues covered by Exploit DB 15814 / Bugtraq 45558 don't seem valid to me. The script link in the Exploit DB advisory doesn't work (because it seems to use a session id in it), but if you download version 2.5.1 from Joomlaos.de and look at the affected files you'll see each has as its first line of code:

    defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

Thus, neither issue is exploitable as described in AtT4CKxT3rR0r1ST's advisory. That line of code also exists in the files in older versions of the component that I was able to find -- 2.4.1 and 1.1.2.

George
--
theall at tenablesecurity.com

From jericho at attrition.org Tue Dec 28 04:12:35 2010
From: jericho at attrition.org (security curmudgeon)
Date: Tue, 28 Dec 2010 04:12:35 -0600 (CST)
Subject: [VIM] [Full-disclosure] ZDI-10-200: Tivoli Storage Manager FastBack 0xfafbfcfd Packet Remote Code Execution Vulnerability (fwd)

Hey ZDI,

Do you know which CVE this corresponds to? There are multiple FastBackServer.exe overflows.
Thanks,
Brian

---------- Forwarded message ----------
From: ZDI Disclosures
To: "'Full Disclosure (full-disclosure at lists.grok.org.uk)'", "'Bugtraq (bugtraq at securityfocus.com)'"
Date: Tue, 12 Oct 2010 16:12:00 -0500
Subject: [Full-disclosure] ZDI-10-200: Tivoli Storage Manager FastBack 0xfafbfcfd Packet Remote Code Execution Vulnerability

ZDI-10-200: Tivoli Storage Manager FastBack 0xfafbfcfd Packet Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-200
October 12, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 10533. For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tivoli Storage Manager. Authentication is not required to exploit this vulnerability.

The specific flaw exists within FastBackServer.exe which listens by default on TCP port 1320. When handling a packet with header type 0xFAFBFCFD the process blindly copies user supplied data into a heap buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

-- Vendor Response:
IBM states:
http://www-01.ibm.com/support/docview.wss?uid=swg21443820 Issue 2

-- Disclosure Timeline:
2010-06-17 - Vulnerability reported to vendor
2010-10-12 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* AbdulAziz Hariri

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:
http://twitter.com/thezdi
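The flaw class the forwarded advisory describes (a length-prefixed packet copied into a fixed heap buffer without checking the length), shown as an added illustration that is not part of the thread and not ZDI's or IBM's code: a length-checked handler beside a measurement of how far the unchecked copy would overrun. The wire layout (4-byte type 0xFAFBFCFD, 4-byte little-endian payload length, then payload), the 256-byte buffer and every function name are assumptions; only the header type and the heap-copy pattern come from the advisory.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The header type 0xFAFBFCFD and the heap-buffer copy come from the advisory.
   The wire layout (4-byte type, 4-byte payload length, payload; little-endian)
   and the 256-byte destination buffer are assumptions for illustration only. */
#define HDR_TYPE_FASTBACK 0xFAFBFCFDu
#define HDR_LEN           8u
#define HEAP_BUF_SIZE     256u

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32le(uint8_t *p, uint32_t v) {
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (uint8_t)(v >> 24);
}

/* Builds a constructed sample packet: header plus n_payload bytes of 'A', with
   the length field set to declared (which may disagree with n_payload). */
size_t build_packet(uint8_t *dst, size_t cap, uint32_t type, uint32_t declared, size_t n_payload) {
    if (cap < HDR_LEN + n_payload) return 0;
    wr32le(dst, type);
    wr32le(dst + 4, declared);
    memset(dst + HDR_LEN, 'A', n_payload);
    return HDR_LEN + n_payload;
}

/* The blind-copy pattern, measured rather than executed: how many bytes a
   memcpy into a HEAP_BUF_SIZE buffer would write past its end if the
   declared length were trusted as-is. */
size_t blind_copy_overrun(const uint8_t *pkt, size_t pkt_len) {
    if (pkt_len < HDR_LEN) return 0;
    uint32_t declared = rd32le(pkt + 4);
    return declared > HEAP_BUF_SIZE ? declared - HEAP_BUF_SIZE : 0;
}

/* Hardened handler: checks the type, that the declared length does not exceed
   the bytes actually received, and that it fits the destination, then copies.
   Returns 0 on success or a negative code naming the rejected condition. */
int handle_packet_checked(const uint8_t *pkt, size_t pkt_len, uint8_t *out, size_t out_len) {
    if (pkt_len < HDR_LEN) return -1;                 /* truncated header */
    if (rd32le(pkt) != HDR_TYPE_FASTBACK) return -2;  /* not the type we handle */
    uint32_t declared = rd32le(pkt + 4);
    if (declared > pkt_len - HDR_LEN) return -3;      /* claims more than received */
    if (declared > out_len) return -4;                /* would overflow destination */
    memcpy(out, pkt + HDR_LEN, declared);
    return 0;
}
```

Both checks matter: the declared length must be bounded by what was actually received as well as by the destination size, since a short packet with a large length field is exactly the input the unchecked pattern mishandles.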