Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gov't.-published List of Computer Security Holes

Posted by timothy on Thursday August 11, 2005 @07:16AM from the benefitting-the-commonwealth dept.

Arngautr writes "ScienceDaily.com reports that The U.S. government has created a 'comprehensive database of computer vulnerabilities,' The National Vulnerability Database. Updated daily, it currently includes almost 12,000 vulnerabilities. Should be a boon to IT professionals and script kiddies alike."

1 of 25 comments (clear)

Min score:

Reason:

Sort:

Re:Next step... by It+doesn't+come+easy · 2005-08-11 08:12 · Score: 2, Informative

It depends on the search criteria. The initial page doesn't tell you what it's doing. If you use the "Advanced Search" plage, and select for the Vendor, you get:
Linux = 942
Microsoft = 1097

I'm not sure who the Linux vendor is. :)

Then, if you search by remotely executable and high vulnerability, you get:
Linux = 232
Microsoft = 376

If you add "allows admin access" you get:
Linux = 110
Microsoft = 62

So, expect to see all sorts of statistics to prove one way or the other that both Windows and Linux are the more secure system. Should be fun.

One thing that might be interesting is to compare similar products to see who has the most and the worst vulnerabilities (especially if you are about to buy something).

--
The NSA: The only part of the US government that actually listens.