The value of vulnerabilities

The value of vulnerabilities
Jason Miller, 2006-03-07

There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?

Expand all | Post comment

The value of vulnerabilities 2006-03-07
Anonymous (4 replies)

Re: The value of vulnerabilities 2006-03-08
infamous41md

Re: The value of vulnerabilities 2006-03-08
Anonymous

Re: The value of vulnerabilities 2006-03-08
Dancho Danchev

Re: The value of vulnerabilities 2006-03-17
Anonymous

Another viewpoint - The value of vulnerabilities 2006-03-08
Robert E. Lee

The value of vulnerabilities 2006-03-08
Matthew Murphy (1 replies)

Re: The value of vulnerabilities 2006-03-13
John Smith

The value of vulnerabilities 2006-03-08
Anonymous (1 replies)

Re: The value of vulnerabilities 2006-03-13
hi2005

The value of vulnerabilities 2006-03-08
Omar A. Herrera (2 replies)

Re:Good Points 2006-03-08
R_U_Trustified (2 replies)

Re: Re:Good Points 2006-03-09
infamous41md

Re: Re:Good Points 2006-03-09
Matthew Murphy (1 replies)

Re: Re: Re:Good Points 2006-03-14
Robert E. Lee (1 replies)

Re: Re: Re: Re:Good Points 2006-03-15
Matthew Murphy (1 replies)

Re: Re: Re: Re: Re:Good Points 2006-03-17
Anonymous

Re: The value of vulnerabilities 2006-03-13
hi2005

The value of vulnerabilities 2006-03-10
Max (1 replies)

Re: The value of vulnerabilities 2006-03-14
Robert E. Lee

Responsible disclosure 2006-03-13
Anonymous (1 replies)

Re: Responsible disclosure 2006-03-14
Robert E. Lee

The value of vulnerabilities 2006-03-16
C. Winchester

What Value? 2006-03-17
Anonymous (2 replies)

Re: What Value? 2006-03-20
infamous41md

Re: What Value? 2006-03-28
Anonymous

Where the heck do you get off saying that remotely exploitable vulns are getting fewer? Thas like the BS that strcpy sprintf bugs are dead... trust there is no shortage of retarded code.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/391/33394#33394