Vulnerabilities > CVE-2005-3755 - Unspecified vulnerability in Google Mini Search Appliance and Search Appliance
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN google
nessus
Summary
Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 2 |
Nessus
| NASL family | CGI abuses |
| NASL id | GOOGLE_SEARCH_APPLIANCE_PROXYSTYLESHEET.NASL |
| description | The remote Google Search Appliance / Mini Search Appliance fails to sanitize user-supplied input to the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20241 |
| published | 2005-11-22 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20241 |
| title | Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID) |
References
- http://metasploit.com/research/vulns/google_proxystylesheet/
- http://www.securityfocus.com/bid/15509
- http://www.osvdb.org/20977
- http://securitytracker.com/id?1015246
- http://secunia.com/advisories/17644
- http://www.vupen.com/english/advisories/2005/2500
- http://www.securityfocus.com/archive/1/417310/30/0/threaded