Via WebProNews, Metasploit explains how it discovered flaws in the Google Mini enterprise search appliance that could be abused to do "cross-site scripting, file discovery, service enumeration and arbitrary command execution." The flaw was reported to Google apparently privately earlier this year in June, a patch issued August and news of the issue released yesterday. Metasploit praised Google for responding immediately and being helpful through the fix and testing process.
Meet Your Favorite Search Engine Watch Contributors
Many of SEW's leading expert contributors will be at ClickZ Live, the new online and digital marketing event kicking off in New York (March 31-April 3). Hear from the likes of: Thom Craver, Josh Braaten, Lisa Barone, Simon Heseltine, Josh McCoy, Lisa Raehsler, Greg Jarboe, Dan Cristo, Joseph Kerschbaum, John Gagnon, Eric Enge and more!