|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Sources: Full and Partial Coverage
- To: Art Manion <amanion@cert.org>
- Subject: Re: Sources: Full and Partial Coverage
- From: security curmudgeon <jericho@attrition.org>
- Date: Mon, 25 Jun 2012 14:01:51 -0500
- CC: "'cve-editorial-board-list'" <cve-editorial-board-list@LISTS.MITRE.ORG>
- Delivery-Date: Mon Jun 25 15:02:50 2012
- In-Reply-To: <4FE8B0EC.1020802@cert.org>
- List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- References: <2F43C4D2BE8AD24C8AC17D8C64B379B316BE3E@IMCMBX01.MITRE.ORG> <ED311CBEE6993C428563DEDF6D083BC83E4ABFE7@usilms113b.ca.com> <alpine.LNX.2.00.1205091307280.10340@forced.attrition.org> <2F43C4D2BE8AD24C8AC17D8C64B379B316E94C@IMCMBX01.MITRE.ORG> <F4A3A6029AA9A54E8FA9BF5FB9834C790D6B76DF@exch-hq-1.secunia.local> <4FE8B0EC.1020802@cert.org>
- Sender: <owner-cve-editorial-board-list@LISTS.MITRE.ORG>
- User-Agent: Alpine 2.00 (LNX 1167 2008-08-23)
On Mon, 25 Jun 2012, Art Manion wrote:
: Do we really need to restrict the list of sources too heavily? I'll
: guess that Secunia and other places doesn't do all this monitoring by
: hand...?
We're fairly ghetto, but OSVDB does a *lot* of source monitoring by hand.
: 5. Have set searches for phrases that indicate important vulnerabilities
: ("overflow", "XSS", etc).
Steve Christey has contributed heavily to mine, but I have a parsing
script that I throw at any changelog to pull out interesting keywords.
I've been using this for over 5 years now, and it is the source of a LOT
of OSVDB entries that range in severity from 'unknown' to CVSS 7+, a
majority of which do not have CVE identifiers.
- Follow-Ups:
- RE: Sources: Full and Partial Coverage
- From: Carsten Eiram <che@secunia.com>
- RE: Sources: Full and Partial Coverage
- References:
- RE: Sources: Full and Partial Coverage
- From: Carsten Eiram <che@secunia.com>
- Re: Sources: Full and Partial Coverage
- From: Art Manion <amanion@cert.org>
- RE: Sources: Full and Partial Coverage
- Prev by Date: Re: Sources: Full and Partial Coverage (CNA increase)
- Next by Date: Re: Sources: Full and Partial Coverage (CNA increase)
- Prev by thread: Re: Sources: Full and Partial Coverage
- Next by thread: RE: Sources: Full and Partial Coverage
- Index(es):