Vulnerability Description
Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mini Search Appliance | All versions | |
| Search Appliance | All versions |
References
- http://metasploit.com/research/vulns/google_proxystylesheet/PatchVendor Advisory
- http://secunia.com/advisories/17644Vendor Advisory
- http://securitytracker.com/id?1015246PatchVendor Advisory
- http://www.osvdb.org/20979ExploitPatch
- http://www.securityfocus.com/archive/1/417310/30/0/threaded
- http://www.securityfocus.com/bid/15509Patch
- http://www.vupen.com/english/advisories/2005/2500
- http://metasploit.com/research/vulns/google_proxystylesheet/PatchVendor Advisory
- http://secunia.com/advisories/17644Vendor Advisory
- http://securitytracker.com/id?1015246PatchVendor Advisory
- http://www.osvdb.org/20979ExploitPatch
- http://www.securityfocus.com/archive/1/417310/30/0/threaded
- http://www.securityfocus.com/bid/15509Patch
- http://www.vupen.com/english/advisories/2005/2500
FAQ
What is CVE-2005-3756?
CVE-2005-3756 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error me...
How severe is CVE-2005-3756?
CVE-2005-3756 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3756?
Check the references section above for vendor advisories and patch information. Affected products include: Google Mini Search Appliance, Google Search Appliance.