WebApp Sec: RE: Vulnerability statistics

From: Michael Howard <mikehow_at_microsoft.com>
Date: Fri, 7 Jan 2005 11:18:41 -0800

I wrote some code to pull down the CVE XML file from cve.mitre.com and
parse the results looking for keywords. This is NOT scientific, but
here are my results:

Getting stats for 2004
TotalCount 1339
isReserved 204
isRejected 15
isUnknown 50

isBO 296
isFormatString 33
isIntOverflow 53
isSQLinjection 30
isXSS 73
isInjection 60
isTooMuchTrust 119
isSymlink 49
isRace 8
isWeakPermission 13

I have yet to analyze the other bugs not in the list above - some of the
bug texts are very vague...

[Writing Secure Code] http://www.microsoft.com/mspress/books/5957.asp
[Protect Your PC] http://www.microsoft.com/protect
[Blog] http://blogs.msdn.com/michael_howard

[On-line Security Training]
http://mste/training/offerings.asp?TrainingID=53074

-----Original Message-----
From: Benjamin Livshits [mailto:livshits_at_cs.stanford.edu]
Sent: Thursday, January 06, 2005 1:56 PM
To: webappsec_at_securityfocus.com
Subject: Vulnerability statistics

Looking at the OWASP's top ten list, are there any recent studies as to
what fraction of vulnerabilities accounts for each of the top ten
categories?

What about the percentage of vulnerabilities caused by coding errors vs
configuration flaws?

Thanks,
-Ben
Received on Jan 07 2005
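As an added example, not code from the original post (Michael Howard's script is not included in it): the kind of keyword pass described above, run offline over a constructed XML sample shaped like the old cve.mitre.org dump. The element names (`<item name=...><desc>`), the keyword list behind each bucket, the `** RESERVED **` / `** REJECT **` markers, and the treatment of an empty description as "unknown" are all assumptions of this example. It also shows why such totals are loose: an entry whose text mentions both an integer overflow and the resulting buffer overflow is counted in both buckets, and an entry matching no keyword is reported separately rather than silently dropped.

```python
import re
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the shape of the old cve.mitre.org XML dump.
# The entries are made up for this example; the element names are an
# assumption about that feed's schema, not taken from the post.
SAMPLE_CVE_XML = """<?xml version="1.0"?>
<cve>
  <item name="CVE-2004-0001"><desc>Buffer overflow in the login handler of foo allows remote attackers to execute arbitrary code via a long username.</desc></item>
  <item name="CVE-2004-0002"><desc>Format string vulnerability in the logging code of bar allows local users to gain privileges via format specifiers in a filename.</desc></item>
  <item name="CVE-2004-0003"><desc>Integer overflow in the image parser of baz leads to a heap-based buffer overflow via a crafted width field.</desc></item>
  <item name="CVE-2004-0004"><desc>SQL injection vulnerability in login.php in qux allows remote attackers to execute arbitrary SQL commands via the user parameter.</desc></item>
  <item name="CVE-2004-0005"><desc>Cross-site scripting (XSS) vulnerability in search.php in fred allows remote attackers to inject arbitrary web script via the q parameter.</desc></item>
  <item name="CVE-2004-0006"><desc>** RESERVED **</desc></item>
  <item name="CVE-2004-0007"><desc>** REJECT ** Duplicate of CVE-2004-0003.</desc></item>
  <item name="CVE-2004-0008"><desc>Race condition in the temporary file handling of quux allows local users to overwrite arbitrary files via a symlink attack.</desc></item>
  <item name="CVE-2004-0009"><desc>corge does not properly validate the path parameter, which allows remote attackers to read arbitrary files via directory traversal.</desc></item>
  <item name="CVE-2004-0010"><desc>Unspecified vulnerability in grault has unknown impact and attack vectors.</desc></item>
  <item name="CVE-2004-0011"><desc></desc></item>
  <item name="CVE-2004-0012"><desc>Shell command injection in the mail handler of garply allows remote attackers to execute arbitrary commands via shell metacharacters in the To field.</desc></item>
  <item name="CVE-2004-0013"><desc>waldo creates /var/log/waldo.log with world-writable permissions, which allows local users to truncate arbitrary files.</desc></item>
</cve>
"""

# Keyword heuristics per bucket. The bucket names mirror the post's labels;
# the patterns are this example's own guess, the post gives no keyword list.
CATEGORY_PATTERNS = {
    "isBO": r"buffer overflow|heap overflow|stack overflow|buffer overrun|off-by-one",
    "isFormatString": r"format string",
    "isIntOverflow": r"integer (overflow|underflow)|signedness",
    "isSQLinjection": r"sql injection",
    "isXSS": r"cross-site scripting|\bxss\b",
    # Any injection other than SQL injection; the lookbehind excludes "SQL injection".
    "isInjection": r"(?<!sql )injection",
    "isTooMuchTrust": r"does not (properly )?(validate|verify|check|sanitize)|directory traversal|\.\./",
    "isSymlink": r"symlink|symbolic link",
    "isRace": r"race condition",
    "isWeakPermission": r"world-writable|weak permissions|insecure permissions|insecure default",
}
COMPILED = {name: re.compile(pat, re.IGNORECASE) for name, pat in CATEGORY_PATTERNS.items()}


def classify(desc):
    """Return the set of buckets whose keywords occur in desc (may be several or none)."""
    return {name for name, rx in COMPILED.items() if rx.search(desc)}


def summarize(xml_text):
    """Count entries per bucket, in the style of the post's output.

    Reserved, rejected and empty-description entries are counted once and
    excluded from keyword classification; classified entries contribute one
    hit to every bucket they match, so bucket totals can exceed entry totals.
    """
    root = ET.fromstring(xml_text)
    counts = Counter()
    for item in root.iter("item"):
        desc_el = item.find("desc")
        desc = (desc_el.text or "").strip() if desc_el is not None else ""
        counts["TotalCount"] += 1
        if desc.startswith("** RESERVED **"):   # assumed marker for reserved IDs
            counts["isReserved"] += 1
            continue
        if desc.startswith("** REJECT **"):     # assumed marker for rejected IDs
            counts["isRejected"] += 1
            continue
        if not desc:                             # assumption: no text => unknown
            counts["isUnknown"] += 1
            continue
        buckets = classify(desc)
        if not buckets:
            counts["unclassified"] += 1          # the "other bugs" the post has not analyzed
        for bucket in buckets:
            counts[bucket] += 1
    return dict(counts)


def report(counts):
    """Render the counts in the same layout as the post."""
    order = ["TotalCount", "isReserved", "isRejected", "isUnknown", "unclassified"] + list(CATEGORY_PATTERNS)
    return "\n".join(f"{key} {counts.get(key, 0)}" for key in order)


if __name__ == "__main__":
    print(report(summarize(SAMPLE_CVE_XML)))
```

To run this over a real dump, replace `SAMPLE_CVE_XML` with the downloaded file's contents (and adjust the element names to the feed's actual schema); the double counting and the unclassified remainder are the two numbers to watch before quoting any percentage.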