Numerous Bugs in Safari 3.0 for Windows Beta

Numerous Bugs in Safari 3.0 for Windows Beta
Numerous Bugs in Safari 3.0 for Windows Beta

Forwarded with permission from: Security UPDATE 


ALERT: "How A Hacker Launches A Cross-Site Scripting Attack" White Paper 

Replication in the VMware Environment 

Automated GLBA Security Compliance: Free Report 

=== CONTENTS ==================================================
IN FOCUS: Numerous Bugs in Safari 3.0 for Windows Beta

   - Three Botnet Operators Arrested
   - SonicWALL to Expand Offerings with Aventail Acquisition
   - Recent Security Vulnerabilities

   - Security Matters Blog: Phishers Using Wildcard DNS
   - FAQ: Mapping Accounts to Services
   - Share Your Security Tips

   - A Managed Service for Security and Systems Management
   - Product Evaluations from the Real World




=== SPONSOR: SPI Dynamics =====================================
ALERT: "How A Hacker Launches A Cross-Site Scripting Attack" White 
   Cross-site scripting vulnerabilities in web apps allow hackers to 
compromise confidential information, steal cookies, and create requests 
that can be mistaken for those of a valid user!! Download this *FREE* 
white paper from SPI Dynamics for a complete guide to protection! 

=== IN FOCUS: Numerous Bugs in Safari 3.0 for Windows Beta ====   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Browser vulnerabilities are serious business. Windows administrators 
already have contend with Microsoft Internet Explorer (IE) bugs flying 
out of the woodwork nearly faster than Microsoft can fix them, Mozilla 
Firefox bugs appearing at a lesser rate, and of course bugs in the 
Opera browser. If that isn't enough to keep up with, we're about to see 
another browser and its inevitable security vulnerabilities added to 
the mix. 

Apple recently released a beta version of Safari 3.0.1 for Windows (see 
the first URL below). Security researchers immediately began banging 
away at it looking for vulnerabilities, and they've already struck pay 
dirt. A torrent of newfound vulnerabilities is now raining down upon 

Writing in his company blog (at the URL below), Dave Maynor of Errata 
Security, said, "We found a total of six bugs in an afternoon, 4 [of 
which lead to] denial of service and two [that allow] remote code 
execution." Maynor added that while he did test the beta for Windows, 
the bugs also exist in a production version of Safari for OS X. Maynor 
also said that he has "weaponized" one of the bugs into a working 

Maynor isn't alone in his discoveries. Aviv Raff also put Safari 
through a hammering. Raff said that "I wasn't surprised to get a nice 
crash a few minutes later." What Raff discovered was a memory 
corruption problem, which can often lead to remote exploits. See the 
URL below for details. 

Two more researchers, "jsz" and "Trancer," discovered a Denial of 
Service (DoS) exploit, which you can read about at the first URL below. 
Tom Ferris said he found 10 vulnerabilities (at the second URL below) 
but didn't elaborate. He's holding them until the browser is released. 

Robert Swiecki discovered a spoofing vulnerability in the first beta 
release (see the first URL below) that has been fixed in the Safari 
3.0.1 beta. And Thor Larholm discovered "a fully functional command 
execution vulnerability, triggered without user interaction simply by 
visiting a web site." See the second URL for information on that 
problem. I'm sure there are other Safari 3.0.1 vulnerabilities that I 
haven't learned about yet. 

Like Microsoft, which attempts to write applications that are "secure 
by design," Apple boasts that it "designed Safari to be secure from day 
one." But as the flurry of vulnerabilities shows, Apple's contention 
doesn't hold water. 

Because Apple has reacted rather harshly (and sometimes with media 
spin) to a few previous incidents of reported security problems, some 
researchers, such as Maynor and Ferris, have little if any intention of 
notifying Apple up front about the details of their discoveries. 

Although Apple has already plugged a few of the holes mentioned in this 
article, I'm still almost certain that we're going to see a lot of 
zero-day exploits against Safari. As is often said in the security 
industry, "You've been warned." 

=== SPONSOR: Double-Take Software =============================
Replication in the VMware Environment
   When recoverability matters, ensure you can protect and recover 
business critical data and applications. This document describes how 
VMware software can be used to provide solutions for challenging high 
availability and disaster recovery problems by leveraging real-time 
data replication and virtualization technologies to create cost-
effective, simplified disaster recovery architectures. 

=== SECURITY NEWS AND FEATURES ================================
Three Botnet Operators Arrested
   The FBI revealed that it has arrested three people who allegedly 
built and managed botnets. 

SonicWALL to Expand Offerings with Aventail Acquisition
   SonicWALL will gain new SSL VPN features and functionality through 
its planned acquisition of Aventail. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: Qualys ===========================================
Automated GLBA Security Compliance: Free Report 
   Compliance and knowledge of every aspect of the GLBA is mandatory. 
Through web services, on demand security is automated and immediate 
compliance to the GLBA safeguard guidelines is achieved. Learn how 
comprehensive GLBA compliance is managed through internal and external 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Phishers Using Wildcard DNS
by Mark Joseph Edwards, 

Wildcard DNS is a handy feature, and phishers are apparently using it 
to bypass filtering. 

FAQ: Mapping Accounts to Services
by John Savill, 

Q: What is a Service Principal Name (SPN) mapping?

Find the answer at 

   Share your security-related tips, comments, or problems and 
solutions in Security Pro VIP's Reader to Reader column. Email your 
contributions to If we print your submission, 
you'll get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ================================================== by Renee Munshi, 

A Managed Service for Security and Systems Management
   Vigilar announced the availability of ATLAS, a managed service for 
security and systems management. ATLAS offers five modules, which can 
be purchased separately or as a group. The Log Management Service 
Module audits all system and application components for compliance with 
regulations. The Authentication Management Module administers "various 
authentication platforms, implementing and managing customer's user 
accounts for various applications." The System Maintenance Module 
provides automated patch management and health checks. The Asset and 
License Management Module tracks IT asset and license data, and the 
Technical Support Concierge Module provides Help desk functions. For 
more information, go to 

   Share your product experience with your peers. Have you discovered a 
great product that saves you time and money? Do you use something you 
wouldn't wish on anyone? Tell the world! If we publish your opinion, 
we'll send you a Best Buy gift card! Send information about a product 
you use and whether it helps or hinders you to 

=== RESOURCES AND EVENTS ======================================   For more security-related resources, visit 

Discover a wealth of information about how to protect and secure your 
data in the event of a disaster. You might not be able to predict what 
kind of a disaster you might be faced with, but you can be prepared 
with a solid response when one strikes. Disaster can strike anywhere, 
so make sure you're ready when it does. 

Having customers depend on your IT services in order to communicate, 
purchase, or manage orders is great for your business. But what happens 
when your applications or Web sites become unavailable? Download this 
free white paper and learn how to eliminate application downtime and 
ensure the continuity of your business. 

This Web seminar explains how to ensure that your organization gets the 
most out of its log management investment, the key requirements and 
architectural differences to consider, and the caveats and risks to 
watch for as you spec out your requirements and design. 

=== FEATURED WHITE PAPER ======================================
Learn how Symantec and IBM deliver a comprehensive archiving solution 
for email, files, instant messages, databases, and VoIP, as well as 
many other document formats, while helping you reduce storage costs and 
simplifying management. Understand the challenges surrounding an 
Exchange environment and the Symantec and IBM capabilities to solve 

=== ANNOUNCEMENTS =============================================
Scripting Pro VIP--Just Download and Run 
   Scripting Pro VIP is an online resource that delivers in-depth 
articles (and downloadable code) every week on topics such as ADSI and 
ADO. Subscribers also receive tips, cautionary advice, direct access to 
our editors, and a host of other unique benefits! Order now at an 
exclusive charter rate and save up to $50! 

Special Invitation for VIP Access 
   Become a VIP subscriber and get continuous, inside access to all the 
content published in Windows IT Pro, SQL Server Magazine, Exchange & 
Outlook Pro VIP, Scripting Pro VIP, and Security Pro VIP. Subscribe 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. 

Site design & layout copyright © 1986-2015 CodeGods