Slashdot Mirror

← Back to Domains

Domain: osvdb.org

Stories and comments across the archive that link to osvdb.org.

Stories · 5

  1. Open Source Vulnerability Database Shuts Down (osvdb.org)

    It · Security · · posted by msmash · from the bad-things-happen dept. · 34 comments
    Reader StonyCreekBare writes: From the Blog at osvdb.org "As of today, a decision has been made to shut down the Open Source Vulnerability Database (OSVDB), and will not return. We are not looking for anyone to offer assistance at this point, and it will not be resurrected in its previous form. This was not an easy decision, and several of us struggled for well over ten years trying to make it work at great personal expense. The industry simply did not want to contribute and support such an effort."

  2. McAfee Grabbed Data Without Paying, Says Open Source Vulnerability Database

    It · Security · · posted by timothy · from the but-don't-say-they-didn't-ask dept. · 139 comments
    mask.of.sanity (1228908) writes with this excerpt from The Register: "'Intel security subsidiary McAfee may be in hot water after it allegedly scraped thousands of records from the Open Source Vulnerability Database instead of paying for them. The slurp was said to be conducted using fast scripts that rapidly changed the user agent, and was launched after McAfee formally inquired about purchasing a license to the data.' Law experts say the site's copyright could be breached by individuals merely downloading the information in contravention to the site's policies, and did not require the data to be subsequently disseminated."

  3. McAfee Grabbed Data Without Paying, Says Open Source Vulnerability Database

    It · Security · · posted by timothy · from the but-don't-say-they-didn't-ask dept. · 139 comments
    mask.of.sanity (1228908) writes with this excerpt from The Register: "'Intel security subsidiary McAfee may be in hot water after it allegedly scraped thousands of records from the Open Source Vulnerability Database instead of paying for them. The slurp was said to be conducted using fast scripts that rapidly changed the user agent, and was launched after McAfee formally inquired about purchasing a license to the data.' Law experts say the site's copyright could be breached by individuals merely downloading the information in contravention to the site's policies, and did not require the data to be subsequently disseminated."

  4. Solaris Telnet 0-day vulnerability

    It · Security · · posted by Hemos · from the frantically-trying-to-fix dept. · 342 comments
    philos writes "According to SANS ISC, there's a vulnerability in Solaris 10 and 11 telnet that allows anyone to remotely connect as any account, including root, without authentication. Remote access can be gained with nothing more than a telnet client. More information and a Snort signature can be found at riosec.com. Worse, this is almost identical to a bug in AIX and Linux rlogin from way back in 1994."

  5. Open Source Vulnerability Database Goes Live

    Developers · Bug · · posted by michael · from the got-bugs? dept. · 142 comments
    Alascom writes "The Open Source Vulnerability Database project has finally gone live. The project aims to provide comprehensive, free and unbiased (no vendor spin) vulnerability information. The database is being incorporated into such fine open source utilities as SNORT and NESSUS."