Via WebProNews, Metasploit explains how it discovered flaws in the Google Mini enterprise search appliance that could be abused to do "cross-site scripting, file discovery, service enumeration and arbitrary command execution." The flaw was reported to Google apparently privately earlier this year in June, a patch issued August and news of the issue released yesterday. Metasploit praised Google for responding immediately and being helpful through the fix and testing process.
The Original Search Marketing Event is Back!
SES Denver (Oct 16) offers an intense day of learning all the critical aspects of search engine optimization (SEO) and paid search advertising (PPC). The mission of SES remains the same as it did from the start - to help you master being found on search engines. Register today!