[Dshield] Vulnerability Database Site
fretz at pacbell.net
Sat Apr 3 00:35:08 GMT 2004
I thought I'd send this item to the list because I seem to recall people
looking for something like it. This site has apparently has just been
officially "launched" although it may have been mentioned on this list
>From a 'ZDNet UK' article:
"The Open Source Vulnerability Database (OSVDB) has launched a free Web site
that catalogues security flaws in Internet-related software. It will, say
its creators, promote more open collaboration between companies and
individuals 'and reduce expenses inherent with the development and
maintenance of in-house vulnerability databases'."
You can take a look at the OSVDB site here:
I do not see viruses listed in the database, only software
As an example, someone earlier mentioned Apache 2 on this list, and there
are some "new" vulnerability entries for that software, (and several dozen
for the older-?- Apache version). For Apache 2 there is no specific info
given for the vulnerabilities since they're apparently newly discovered.
For the older version of Apache there are about three dozen vunerabilities
listed and for about a dozen of those the info is considered "stable". A
"stable" designation lists a few details about the vulnerability and
convenient links to other sources of information about it.
More information about the list