| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200603091812.k29ICGw8021211@turing-police.cc.vt.edu> Date: Thu Mar 9 18:12:26 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: For Sale: Security Vulnerability Database Company On Wed, 08 Mar 2006 05:46:03 PST, System Outage said: > Why would someone buy a security vulnerability database company? Theres > already free security vulnerability databases out there. Try this one I > recently found, you can search for anything you want http://groups.google.com/ > group/n3td3v and its free. Geez. Somebody hand me a sharp wooden stake, a good mallet, and some garlic and holy water just in case... ;) I'm sure you can *search* for anything you want there. The value of a database is, however, directly related to its ability to return useful information. 5,000 postings that all say "wow leet hole in ntp a few years ago" is worth nowhere near as much as one detailed technical posting of how that exploit leveraged a one-byte buffer overrun into a complete rooting of the box.... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060309/bfa98142/attachment.bin
Powered by blists - more mailing lists