Re: Exploit Ease Level

[dullien () GMX DE (Thomas Dullien)]

On Thu, 27 Apr 2000 10:39:42 +0200, Sebastian wrote:

Hey Sebastian,

> The idea isn't new, for example in the NAI CyberCop handbook there is a
> great list with all checks CyberCop does together with a rating how popular
> and how difficult it is to exploit this vulnerability. Btw, I think, a
> knowledgeable reader of this mailing list might have a rough impression
> of the difficulty after having checked out the situation for a couple
> of minutes. For the really wicked tricks used in exploits the reader has
> to check the exploits comments anyway in case he understands them.

Actually, the only kind of 'difficulty level' I think one could reliably
mention is the fact whether a relatively reliable exploit can be written at all :)
I mean isn't that fact enough for anyone ?
If the exploit can be written, then it will be written to be easily
usable. Thats the way life is :)
If on the other hand an exploit can only be written with substantial
information about a target system (which _exakt_ patch he has installed
or perhabs which exact base address the kernel has or whatever)
or a lot of guesswork, one can mention it. But I think a rating system
is not ... well ... useful :)

Thomas Dullien