[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] OSVDB (was [Funny Story])
- To: full-disclosure@lists.netsys.com
- Subject: [Full-Disclosure] OSVDB (was [Funny Story])
- From: "Gregory A. Gilliss" <ggilliss@netpublishing.com>
- Date: Tue, 16 Dec 2003 14:16:58 -0800
I second. I met one of the maintainers at BlackHat/Defcon in July, and
subsequently I offered them the option of using one of my sites as a mirror,
but never heard back. It appears that the project is staffed by engineers
with need of lawyer-ing/marketing help, not to mention the obvious (type up
the vulnerabilities). Also, how current is their DB? I mean, one would think
that they are actually running open source vulnerability Archive.
FWIW.
G
On or about 2003.12.16 14:28:24 +0000, Kurt Seifried (listuser@seifried.org)
said:
> > The reason OSVDB isn't well populated yet is that each
> > vulnerability has to be evaluated and written up afresh
> > in order to avoid violating any existing DB's copyrights.
> > That takes time. If you want to shorten that time, go
> > volunteer. :-)
>
> I like the idea of osvdb, I have concerns about the execution. I tried to
> read:
>
> http://www.osvdb.org/terms-conditions.php
>
<SNIP>
--
Gregory A. Gilliss, CISSP E-mail: greg@gilliss.com
Computer Security WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html