Dailydave mailing list archives
Re: Interactive Vulnerability Scoring System
From: Dave Aitel <dave () immunitysec com>
Date: Fri, 04 Mar 2005 19:52:46 -0500
Just for kicks, VSC's current score is 84.9 and our current average is 7.7 :> If I had more than 15 minutes spare, I'd draw a floating average and do some real statistics but I don't.
Also, I noted a few problems with the system as a whole. It's clumpy, which means it needs more metrics, and they need to be more specific. Also, what if a bug is patched but unknown? There are a lot of questions left unanswered that affect how interesting a vulnerability is. Anyways, I did a quick sample just for humor's sake.
Please note: You cannot post to the list without being subscribed. This list gets more spam than I can handle wading through. There's no "content" moderation of DD though, so don't feel slighted.
IMHO, Dave Aitel Senior Policy Analyst Immunity, Inc. Brian Erdelyi wrote:
My obsession with the Common Vulnerability Scoring System (CVSS) continues. I've now created a web-based Interactive Common Vulnerability Scoring System at http://www.securityhive.com/index.php?module=ContentExpress&func=display&ceid=3 Next will be to make it more user friendly with some links and references from the final CVSS report. Brian Erdelyi
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Interactive Vulnerability Scoring System Brian Erdelyi (Mar 03)
- Let your IDS turn on your Debugger Mike Bailey (Mar 03)
- Re: Interactive Vulnerability Scoring System Dave Aitel (Mar 04)