icsa ips testing vulnerability set

[Ronny Vaningh <ronny () netrusion com>]

While I was reviewing ICSA "Network IPS Corporate Testing Criteria" I 
really got the impression that they used a fairly outdated set of 
vulnerabilities.

Most of the 219 vulnerabilities they used date back from 2001-2004.
Only 18 of them are from 2005 and none are from 2006, altough the year 
hasn't really been vulnerability less.

It also seems that they didn't test any replays of client side stuff 
which is certainly something that's on the rise ...

Altough their list is pretty enterprise oriented I'm still missing 
stuff like tomcat, mysql, db2, malformed sip.


What do you think ?

Any pointers to exploits, applications that must be included in such an 
enterprise ready test ....


Thanks


Ronny

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------