WebApp Sec mailing list archives

RE: Vulnerability statistics
From: "Michael Howard" <mikehow () microsoft com>
Date: Fri, 7 Jan 2005 11:18:41 -0800

I wrote some code to pull down the CVE XML file from cve.mitre.com and
parse the results looking for keywords. This is NOT scientific, but
here's my results:

Getting stats for 2004
TotalCount      1339
isReserved      204
isRejected      15
isUnknown       50

isBO    296
isFormatString  33
isIntOverflow   53
isSQLinjection  30
isXSS   73
isInjection     60
isTooMuchTrust  119
isSymlink       49
isRace  8
isWeakPermission        13

I have yet to analyze the other bugs not in the list above - some of the
bug texts are very vague...

[Writing Secure Code] http://www.microsoft.com/mspress/books/5957.asp
[Protect Your PC] http://www.microsoft.com/protect
[Blog] http://blogs.msdn.com/michael_howard

[On-line Security Training]
http://mste/training/offerings.asp?TrainingID=53074


-----Original Message-----
From: Benjamin Livshits [mailto:livshits () cs stanford edu] 
Sent: Thursday, January 06, 2005 1:56 PM
To: webappsec () securityfocus com
Subject: Vulnerability statistics

Looking at the OWASP's top ten list, are there any recent studies as to
what fraction of vulnerabilities accounts for each of the top ten
categories?

What about the percentage of vulnerabilities caused by coding errors vs
configuration flaws?

Thanks,
-Ben
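
A keyword tally of the kind described in the reply above, as an added example that is not Michael Howard's code. The label names come from his output; the regular expressions, the `unclassified` bucket and the sample descriptions are assumptions made here, and `isInjection` and `isTooMuchTrust` are left out because the message does not say what they matched.

```python
import re
from collections import Counter

# Labels follow the tally in the message; every pattern below is an
# assumption for this example, not the keyword list the author used.
PATTERNS = {
    "isUnknown": r"(unknown|unspecified) vulnerability",
    "isBO": r"buffer over(flow|run)",
    "isFormatString": r"format string",
    "isIntOverflow": r"integer (overflow|underflow|signedness)",
    "isSQLinjection": r"sql injection",
    "isXSS": r"cross-site scripting|\bxss\b",
    "isSymlink": r"symlink|symbolic link",
    "isRace": r"race condition",
    "isWeakPermission": r"(insecure|weak) permissions|world-writable",
}
COMPILED = {name: re.compile(p, re.I) for name, p in PATTERNS.items()}

def classify(description):
    """Return the set of labels for one CVE description."""
    text = description.strip()
    # Placeholder entries carry no technical text, so count them separately.
    if text.startswith("** RESERVED **"):
        return {"isReserved"}
    if text.startswith("** REJECT **"):
        return {"isRejected"}
    labels = {name for name, rx in COMPILED.items() if rx.search(text)}
    return labels or {"unclassified"}  # vague text that matches nothing

def tally(descriptions):
    # Labels are not exclusive, so category counts can sum past TotalCount.
    counts = Counter()
    for d in descriptions:
        counts["TotalCount"] += 1
        counts.update(classify(d))
    return counts

# Constructed sample descriptions (not real CVE entries).
SAMPLE = [
    "** RESERVED ** This candidate has been reserved by an organization.",
    "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER.",
    "Stack-based buffer overflow in the example daemon via a long request.",
    "Integer overflow in the image parser leads to a heap-based buffer overflow.",
    "Cross-site scripting (XSS) vulnerability in search.php.",
    "Local users can overwrite files via a symlink attack on temporary files.",
    "Unknown vulnerability in the example product has unknown impact.",
    "The example server allows denial of service via a malformed packet.",
]

if __name__ == "__main__":
    print(dict(tally(SAMPLE)))
```

An entry can match more than one pattern (the integer-overflow sample is also counted as a buffer overflow), so the per-category numbers are not a partition of the total.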

