Penetration Testing mailing list archives
Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE)
From: Ryan Permeh <ryan () EEYE COM>
Date: Thu, 8 Mar 2001 14:05:26 -0800
CVE is sort of a tabla rosa for vulnerabilities. it doesn't cotnain much in the way of details, more like a way to "get everyone on the same page" when there are several sources of information. It, for instance, allows you to correlate a bug in SecurityFocus's database(indexed by BID and CVE) with any other CVE compliant database. You are right, however, that numerous security products do implement CVE(Retina 3 does, and BID also), but it is more of a label for various vulnerabilities, and it doesn't really have anything to do with "updates", other than the fact that new updated vulnerability sigs should contain CVE information. Signed, Ryan eEye Digital Security Team http://www.eEye.com ----- Original Message ----- From: "Marco Galimberti" <bauxsystems () YAHOO IT> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Thursday, March 08, 2001 9:05 AM Subject: Common Vulverabilities and Exposures (CVE)
Hi, I'm searching for a client-server application from which is possible
to
download vulnerabilities, exploit etc and to classificate it in a database (UNIX or better Windows (we are using microsoft OSs in the enterprise))... I've found a standard called Common Vulverabilities and Exposures (CVE) whick permit to upgrade the database of ISS and similar products. I'm not interested in suite such as ISS... just to collect the vulnerability in a simple and free database (also MS Access may be good to the purpose ;-) Somebody can help me, please? Thank you Marco _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Current thread:
- [PEN-TEST] Common Vulverabilities and Exposures (CVE) Marco Galimberti (Mar 08)
- Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE) Ryan Permeh (Mar 08)
- Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE) c0ncept (Mar 09)
- Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE) Alfred Huger (Mar 09)
- Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE) Franck Veysset (Mar 09)
- <Possible follow-ups>
- Re: [PEN-TEST] Common Vulverabilities and Exposures (CVE) Steven M. Christey (Mar 10)