Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open Letter on the Interpretation of "Vulnerability Statistics"

From: Georgi Guninski <guninski () guninski com>
Date: Fri, 6 Jan 2006 21:34:46 +0200
On Thu, Jan 05, 2006 at 02:12:32AM -0500, Steven M. Christey wrote:


Open Letter on the Interpretation of "Vulnerability Statistics"
---------------------------------------------------------------




Refined Vulnerability Information (RVI)


hahaha, buzz word?


that is vulnerability databases (including CVE/NVD)


hahaha:
http://cve.mitre.org/about/
A Dictionary, NOT a Database
(note the CAPS)
so which way is it "NOT" or "A database"?

rumors says the bsa/*aa may be after you for copyright infringment and
illegal reverse engineering. irresponsible of you, bad dog!


RVI sources collect unstructured vulnerability information from Raw
Sources. 


read: parasites cut and paste from people who can do things.


- LACK OF COMPLETE CROSS-REFERENCING BETWEEN RVI SOURCES.


read: coley does not like it that there is no officially recognized 
usa funded database (NOT a dictionary) to rule em all and manipulate
statistics.

-- 
where do you want bill gates to go today?





















_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: