Metasploit mailing list archives
Suggestion : Providing the DATE for exploits
From: hdm at metasploit.com (H D Moore)
Date: Tue, 18 Oct 2005 09:41:26 -0500
On Monday 17 October 2005 22:32, Michael James Reilly wrote:
I would make sure that the Metasploit team agrees with OSVDB's policy for setting disclosure dates before deciding to use their dates.
No problems here.
Also, since there is not a 1:1 corresondence between all vulnerabilities and exploits (some exploits apply to more than one vulnerability, depending on the way those vulns were cataloged) some modules may have more than one date in OSVDB...
Yup, as an initial data source, its better than doing it by hand :-)
All in all, I think it is better for Metasploit to maintain their own dates if possible.
Agreed. The current implementation places the maintenance task on the metasploit dev team. We might use OSVDB or SF to get the initial data, but we would maintain them for the long -term. -HD
Current thread:
- Suggestion : Providing the DATE for exploits, (continued)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 02)
- Rebase.... myx (Oct 01)
- Rebase.... H D Moore (Oct 02)
- Rebase.... H D Moore (Oct 02)
- Rebase.... Sean Clark (Oct 03)
- Rebase.... myx (Oct 01)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 02)
- Suggestion : Providing the DATE for exploits Frank DiRocco (Oct 02)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 02)
- Suggestion : Providing the DATE for exploits Nagareshwar Talekar (Oct 03)
- Suggestion : Providing the DATE for exploits Nagareshwar Talekar (Oct 03)
- Suggestion : Providing the DATE for exploits Michael James Reilly (Oct 17)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 18)