Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Open Source Vulnerability Database Opens for Public Ac

from [fbr] Network Security [Permanent Link]
Subject: [Full-Disclosure] Open Source Vulnerability Database Opens for Public Access
Date: Wed, 31 Mar 2004 16:34:14 -0600 
Press Release, my apologies if this wasn't appropriate content for this list.

-Forrest

### BEGIN TRANSMISSION ###

Open Source Vulnerability Database Releases Free Security Data to the Public

The Open Source Vulnerability Database, a project to catalog and describe the 
world's computer security vulnerabilities, opened for public use on 31 March 
2004.

According to statistics gathered by CERT, a respected security resource at 
Carnegie Mellon University, the number of new computer security 
vulnerabilities found each year has risen over two thousand percent since 
1995. Tracking these vulnerabilities and their remedies is critical for those 
who protect networked systems against accidental misuse and deliberate 
attack, whether at home, in small businesses, or across globe-spanning 
enterprises.

The Open Source Vulnerability Database (OSVDB) is an open project to collect 
and distribute vulnerability information freely to everyone. The project team 
contains skilled volunteers working together to document every security 
vulnerability that arises. Formed in 2002, the OSVDB project has now 
completed its development of an online system to store and deliver 
vulnerability data. 

"The OSVDB's main goal is to be complete and without bias," says Jake Kouns, 
chief moderator of the OSVDB project team. "This database will serve as 
one-stop shopping for all vulnerability needs." 

The OSVDB collects vulnerability data on every type of computer software and 
operating system. Like other open-source projects, the OSVDB depends on the 
wide expertise of its contributors to provide dependable information on many 
technologies and security problems. The project's open-source license makes 
the results freely available to users worldwide.

Warren Ward, in charge of research at Winterforce, an e-commerce and security 
consultancy, says "Other vulnerability databases do exist. But there are 
frequently restrictions on their use. The OSVDB's open license frees us to 
serve our clients." 

In addition to its current capabilities, the OSVDB is planning the release of 
several new services and data products in the upcoming months. Some will make 
database access easier for end users, others will support the specialized 
tasks of software developers and security analysts.

The OSVDB online system can be found at www.OSVDB.org. 
 
###

More Information:

Jake Kouns
Open Source Vulnerability Database Project
+1.804.306.8412
jkouns@osvdb.org

Warren Ward
Winterforce
+1.780.708.0099
vpresearch@winterforce.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] Open Source Vulnerability Database Opens for Public Access, fbr <=
Previous by Date:  Re: [Full-Disclosure] New Win32 Worm regsvc32.exe offers rootkit features, Markus Koetter
Next by Date:  [Full-Disclosure] Security Hole in HTTP (RFC1945) - Browser-Spoofing, Ron Stiemer
Previous by Thread:  [Full-Disclosure] FW: Microsoft Progress Report: Security, Richard M. Smith
Next by Thread:  [Full-Disclosure] OpenLinux: vim arbitrary commands execution through modelines, please_reply_to_security
Indexes:  [Date] [Thread] [Top] [All Lists]