Lucene search

[email protected]CVE-2005-3756

HistoryNov 22, 2005 - 9:03 p.m.

CVE-2005-3756

2005-11-2221:03:00

[email protected]

web.nvd.nist.gov

google

mini

appliance

remote

port scanning

cve-2005-3756

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.

Affected configurations

NVD

Node

googlemini_search_appliance

googlesearch_appliance

CPENameOperatorVersion
google:mini_search_appliancegoogle mini search applianceeq*
google:search_appliancegoogle search applianceeq*

CPE	Name	Operator	Version
google:mini_search_appliance	google mini search appliance	eq	*
google:search_appliance	google search appliance	eq	*

References

metasploit.com/research/vulns/google_proxystylesheet/

secunia.com/advisories/17644

securitytracker.com/id?1015246

www.osvdb.org/20979

www.securityfocus.com/archive/1/417310/30/0/threaded

www.securityfocus.com/bid/15509

www.vupen.com/english/advisories/2005/2500

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

Related for CVE-2005-3756

cvelist1 nvd1 nessus1