Dailydave mailing list archives
Re: Vuln scoring system anyone?
From: Frank Knobbe <frank () knobbe us>
Date: Tue, 01 Mar 2005 21:18:58 -0600
On Tue, 2005-03-01 at 07:49 -0800, Brian Erdelyi wrote:
DoS Vuln: Access Vector Remote Access Complexity Low Authentication Not Required Confidentiality Impact None Integrity Impact None Availability Impact Complete Impact Bias Availability
Have you considered adding the "Timeliness" of an attack as a category? Certain attacks have an immediate impact while others attacks have a time span between initial attack and impact. I think the timeliness is important, especially when you consider the disastrous effect an "immediate" attack can have on other infrastructure (bandwidth clogging, amount of other systems affected, etc. SQL slammer is a good example). Regards, Frank
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Vuln scoring system anyone?, (continued)
- Re: Vuln scoring system anyone? Blue Boar (Mar 01)
- Re: Vuln scoring system anyone? security curmudgeon (Mar 01)
- Re: Vuln scoring system anyone? Brian (Mar 01)
- Re: Vuln scoring system anyone? security curmudgeon (Mar 01)
- Re: Vuln scoring system anyone? Oliv (Mar 02)
- Re: Vuln scoring system anyone? Tom Parker (Mar 02)
- Re: Vuln scoring system anyone? Jason (Mar 02)
- Re: Vuln scoring system anyone? Kurt Seifried (Mar 02)
- RE: Vuln scoring system anyone? Ben Nagy (Mar 03)
- Re: Vuln scoring system anyone? security curmudgeon (Mar 01)
- Re: Vuln scoring system anyone? Frank Knobbe (Mar 01)
- Re: Vuln scoring system anyone? Blue Boar (Mar 01)
- Re: Vuln scoring system anyone? security curmudgeon (Mar 01)