Vulnerability Development mailing list archives
Re: Exploit Ease Level
From: rsavage () CROSSWINDS NET (Rory Savage)
Date: Fri, 28 Apr 2000 17:43:54 -0400
Max,

I understand your comments; however, I think you may have misunderstood my concern about `an Exploit Easibility Rating`. Though the amount of impact an exploit may pose vs. the amount of work needed to fix it are related, my concern was on actually 'Reproducing the Exploit' for test purposes. Where some are concerned with the impact and ease of fix, some are concerned with 'reproducing' the exploit and the amount of time and elbow grease involved. Such a rating could help System Administrators and Security officials with two key aspects:

1. The amount of effort to cause the exploit on their systems, and
2. Who is capable of the attack.

I hope this cleared things up. :)

Rory Savage -- Systems Administrator
email: rsavage () crosswinds net
-=/ MCI WorldCom/WANG/FAA \=-
work (919)-377-7702
beep (800)-PAGE-MCI
page mail: 1433539 () pagemci com

On Wed, 26 Apr 2000, Max Vision wrote:
> On Tue, 25 Apr 2000, Rory Savage wrote:
>> I wish there was an `Exploit Ease Reference Level`, so when one posts an exploit, they would also post an `Easebility` level to let others know if it's an easy trick, or a drawn-out project that involves a lot of time. This is just a suggestion, but I think it would really work out well, especially for these mailing lists. But I know I am farting in the wind again... and nobody cares... but in a few months, somebody will steal my idea anyway (and call it their own). In fact, I just might draft up a proposal... and see that the `scene` think about it. Cheers!
>
> Rory,
>
> This is actually a really old idea that has been around at least in commercial security scanners (such as Ballista/Cybercop) for some number of years (sometimes referred to as "complexity"). I believe several security groups are working these sorts of values into metrics of overall risk levels for various vulnerabilities (alongside impact, popularity, ease of fix, etc) - so when a hole is found, it gets a certain score for these traits and an overall threat level is determined.
>
> IMHO many times these values are dangerously wrong and can lead to problems. In some products I've seen "ease of exploit" listed as very complex when I know it to be push-button easy.
>
> Max