Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Google Search Appliance Vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google Search Appliance Vulnerability
HD Moore of Metasploit wrote to tell us that they have been doing some testing to see who has been naughty and who has been nice.  Metasploit found a potential XSS vulnerability in Google's search appliance and worked with Google to get a patch issued.  Details are at http://metasploit.com/research/vulns/google_proxystylesheet/.

One day after the patch came out, Moore did a bit of Internet analysis and reported this:  "Nov 22 2005 - Quite a few people were wondering what percentage of the Internet-accessible appliances have yet to apply the patch. We decided to do some statistical sampling and find out. We selected 43 appliances at random from a Google query for inurl:proxystylesheet. Of these 43 systems, 23 were confirmed vulnerable (non-invasively), 8 were definitely patched, and the remaining 12 could not be determined one way or another (for a variety of reasons). If we assume this sample was anything close to the real distribution, we are talking about over half (53%) of all appliances being unpatched."

Marcus

301 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!