CVE-2005-3755 - Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Applia

CVE-2005-3755

Summary

Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages.

References

Vulnerable Configurations

cpe:2.3:h:google:mini_search_appliance:*:*:*:*:*:*:*:*
cpe:2.3:h:google:mini_search_appliance:*:*:*:*:*:*:*:*
cpe:2.3:h:google:search_appliance:*:*:*:*:*:*:*:*
cpe:2.3:h:google:search_appliance:*:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 19-10-2018 - 15:39)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	15509
bugtraq	20051121 Google Search Appliance proxystylesheet Flaws
misc	http://metasploit.com/research/vulns/google_proxystylesheet/
osvdb	20977
sectrack	1015246
secunia	17644
vupen	ADV-2005-2500

Last major update

19-10-2018 - 15:39

Published

22-11-2005 - 21:03

Last modified

19-10-2018 - 15:39