Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Open Letter on the Interpretation of "Vulnerability Statistics"
From: Georgi Guninski <guninski () guninski com>
Date: Fri, 6 Jan 2006 21:34:46 +0200

On Thu, Jan 05, 2006 at 02:12:32AM -0500, Steven M. Christey wrote:

Open Letter on the Interpretation of "Vulnerability Statistics"
---------------------------------------------------------------


Refined Vulnerability Information (RVI)

hahaha, buzz word?

that is vulnerability databases (including CVE/NVD)

hahaha:
http://cve.mitre.org/about/
A Dictionary, NOT a Database
(note the CAPS)
so which way is it "NOT" or "A database"?

rumors says the bsa/*aa may be after you for copyright infringment and
illegal reverse engineering. irresponsible of you, bad dog!

RVI sources collect unstructured vulnerability information from Raw
Sources. 

read: parasites cut and paste from people who can do things.

- LACK OF COMPLETE CROSS-REFERENCING BETWEEN RVI SOURCES.

read: coley does not like it that there is no officially recognized 
usa funded database (NOT a dictionary) to rule em all and manipulate
statistics.

-- 
where do you want bill gates to go today?





















_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault