Remote Port Scanning Vulnerability in Google Mini and Search Appliances
CVE-2005-3756

Currently unrated

Key Information:

Vendor: Google
Status: Mini Search Appliance; Search Appliance
Vendor: CVE Published:; 22 November 2005

Summary

A vulnerability exists in the Google Mini Search Appliance, and potentially in the Google Search Appliance, which allows remote attackers to execute port scans on arbitrary hosts by leveraging manipulated URLs. By analyzing the resultant error messages, attackers can infer the status of various ports, identifying which are open or closed. This flaw poses a risk to network security by enabling unauthorized reconnaissance of network services.

References

http://secunia.com/advisories/17644

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/20979

vdb-entryx_refsource_OSVDB

http://metasploit.com/research/vulns/google_proxystylesheet/

x_refsource_MISC

Timeline

Vulnerability published
Nov 22, 2005
Vulnerability Reserved
Nov 22, 2005