Home page logo

basics logo Security Basics mailing list archives

RE: Vulnebrability level definition
From: "Greg Reber" <greg.reber () astechconsulting com>
Date: Tue, 11 Feb 2003 09:36:42 -0800

Andres - we believe that there are a number of factors that influence the
'severity' of a given vulnerability, and this severity can change with time.
There are a number of network exposure management systems out there that use
different methodologies to rate vulnerabilities and present the associated
severities on a numerical scoring basis.  Ncircle (www.ncircle.com) is one
of those that seem to have a good handle on it.  Maybe they can provide you
with a synopsis of their methodology.


The information in this email is likely confidential and may be legally
privileged. It is intended solely for the addressee. Access to this email by
anyone else is unauthorized. If you are not the intended recipient,  any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it, is prohibited and may be unlawful.

-----Original Message-----
From: Andres Martinez [mailto:artiman () insightbb com]
Sent: Tuesday, February 11, 2003 8:41 AM
To: security-basics () securityfocus com; pen-test () securityfocus com
Subject: Vulnebrability level definition

I need a good definition for the levels of severity related with
I'm using Very High, High, Mid , Low, Warning

Any documentation, definition or Internet URL will be appreciated


Andres M

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]