SANS Top 20 Vulnerability List Updated

[InfoSec News <isn () c4i org>]

Forwarded from: Peter Mell <peter.mell () nist gov>

NIST has been working with SANS to provide an enhanced top 20
vulnerability list. The original list produced by SANS and the FBI
contained 20 important vulnerability areas with reference to over 140
specific vulnerabilities. We noticed that the specific vulnerability
references were not hyperlinked to associated vulnerability
information. We remedied this deficiency by providing SANS with 
a version of the document that links each of the 140 specific
vulnerabilities to the associated vulnerability entry in the 
NIST ICAT Metabase ( http://icat.nist.gov ). 

For each vulnerability, ICAT provides a short description,
vulnerability attributes (e.g. range and damage potential), vulnerable
software and version numbers, and links to a variety of vulnerability
and patch information. The revised top 20 vulnerability list is
available from SANS at http://www.sans.org/top20.htm

Peter Mell
ICAT Project Lead



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.