Penetration Testing mailing list archives
Re: Vulnebrability level definition
From: raymond <ip_raymond () yahoo com>
Date: Fri, 14 Feb 2003 07:27:01 -0800 (PST)
Hi, I think that we should not be mixing the vulnerability and risk together. Vulnerability is the weakness of a design or system to be exploited. The risk is loss in case it happens... Therefore, CVE is all refering to Vulnerability. If you put up a MSQL Server in a standalone machine without any LAN connection. Is this a risk ? __________________________________________________ Do you Yahoo!? Yahoo! Shopping - Send Flowers for Valentine's Day http://shopping.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Vulnebrability level definition Andres Martinez (Feb 11)
- RE: Vulnebrability level definition Greg Reber (Feb 11)
- Re: Vulnebrability level definition R. DuFresne (Feb 11)
- <Possible follow-ups>
- Re: Vulnebrability level definition Per Niila Albinsson (Feb 11)
- Re: Vulnebrability level definition Damir Rajnovic (Feb 12)
- RE: Vulnebrability level definition Rob Shein (Feb 12)
- RE: Vulnebrability level definition Damir Rajnovic (Feb 13)
- RE: Vulnebrability level definition Rob Shein (Feb 14)
- Re: Vulnebrability level definition Damir Rajnovic (Feb 12)
- Re: Vulnebrability level definition raymond (Feb 14)