Dailydave mailing list archives

Re: Vuln scoring system anyone?


From: Brian <bmc () snort org>
Date: Tue, 1 Mar 2005 15:51:59 -0500

On Tue, Mar 01, 2005 at 03:40:11PM -0500, security curmudgeon wrote:
> What if someone posts to an incident list that they got owned by
> this vuln, but the vendor hasn't ack'd it?

I wouldn't trust randoms on an incident list to know what
vulnerability caused the incident they are investigating.

If you see an email to bugtraq saying:
    "I found a vuln in SSH."

And someone else sends an email to incidents:
    "I only run SSH and got owned via SSH."

Then you've got a new confirmed vulnerability?  Not hardly.

Brian
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

