Google Search Appliance UTF-7 Cross Site Scripting Vulnerability

Bugtraq ID:	21438
Class:	Input Validation Error
CVE:	CVE-2006-6223
Remote:	Yes
Local:	No
Published:	Dec 05 2006 12:00AM
Updated:	Dec 05 2006 07:39PM
Credit:	maluc is credited with the discovery of this issue.
Vulnerable:	Google Search Appliance 0 Google Mini Search Appliance 0
Not Vulnerable:

Google Search Appliance UTF-7 Cross Site Scripting Vulnerability

The Google Search Appliance is prone to a cross-site scripting vulnerability because the device fails to handle UTF-7-encoded URIs securely.

Attackers may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The Google Search Appliance and Google Mini Search Appliance are vulnerable to this issue.

Google Search Appliance UTF-7 Cross Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI.

Google Search Appliance UTF-7 Cross Site Scripting Vulnerability

Solution:
The vendor has released advisories addressing this issue for affected appliances. Please see the references for more information.

Note that a valid customer login is required to access the advisories.

Google Search Appliance UTF-7 Cross Site Scripting Vulnerability

References:

• Enterprise Solutions : Google Search Appliance (Google)
  
• Google Advisory ga-2006-11-g (Google)
  
• Google Advisory ga-2006-11-m (Google)
  
• Vulnerability Note VU#989144 - Google Mini and Google Search Appliance vulnerabl (US-Cert)
  
• Widespread XSS for Google Search Appliance (maluc)