Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: For Sale: Security Vulnerability Database Company

From: Russell J Foster <rjf () russfoster com>
Date: Thu, 9 Mar 2006 11:24:20 -0800 (PST)
True. But either way, the credibility of the offer is extrememly low.
Some bozo has been "solicited" to sell a company...who is he? Is he an
attorney? A corporate raider? Someone who's gathered the freely
available info and wants to make a quick sleezy buck?

If this were a serious offer, I'd at least expect a phone number and
website (of the company brokering the sale). Not a "reply to my
googlemail account"...

-r

--- Valdis.Kletnieks () vt edu wrote:


On Wed, 08 Mar 2006 05:46:03 PST, System Outage said:


  Why would someone buy a security vulnerability database company?

Theres

already free security vulnerability databases out there. Try this

one I

recently found, you can search for anything you want

http://groups.google.com/

group/n3td3v and its free.


Geez. Somebody hand me a sharp wooden stake, a good mallet, and some
garlic
and holy water just in case... ;)

I'm sure you can *search* for anything you want there.  The value of
a database
is, however, directly related to its ability to return useful
information.

5,000 postings that all say "wow leet hole in ntp a few years ago" is
worth
nowhere near as much as one detailed technical posting of how that
exploit
leveraged a one-byte buffer overrun into a complete rooting of the
box....

_______________________________________________

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: