Google Mini Security Issue Patched

Via WebProNews, Metasploit explains how it discovered flaws in the Google Mini enterprise search appliance that could be abused to do "cross-site scripting, file discovery, service enumeration and arbitrary command execution." The flaw was reported to Google apparently privately earlier this year in June, a patch issued August and news of the issue released yesterday. Metasploit praised Google for responding immediately and being helpful through the fix and testing process.

About the author

Danny Sullivan was the founder and editor of Search Engine Watch from June 1997 until November 2006.

To contact current Search Engine Watch editorial staff, please click here.