Thu, Nov 24 2005 9:25 Don

Google appliances vulnerable

Everyone's favorite technology company was given 60 business days to patch their search appliances. Unfortunately, even with the long grace period many appliances remain unpatched.

Back in June security researcher H.D. Moore discovered weaknesses in the Google Search Appliance that can allow for cross-site scripting, file discovery, service enumeration, and arbitrary command execution in certain versions of the appliance. Google promptly released a patch in mid-August, however more than three months later many appliances still remain vulnerable.

Securityfocus
Filed under: