5000+ os vulnerabilities exposed in 2005

[daniel49]

According to the US govt.
Have always wondered about the approach the "security experts" use to get vulnerabilities patched seems they often post them on the net?

http://www.us-cert.gov/cas/bulletins/SB2005.html#UnixLinux
Mindboggling isn't it? keep in mind this is for 2005 only.
A lot of them are applications that run in the os it seems as I browse the list.

 

[Phoenix86]

I have always said "it's a software problem". :laugh:

 

[Nothinman]

Have always wondered about the approach the "security experts" use to get vulnerabilities patched seems they often post them on the net?

Depends on the person, but usually you contact the vendor first to give them a chance to produce a patch. If after a certain amount of time no patch is produced you go public with the exploit to force the issue. Some people just go straight to Bugtraq for some reason, but that's generally considered bad form.

 

[Kibbo86]

Originally posted by: Phoenix86
I have always said "it's a software problem". :laugh:

Somebody provides tech support to the public.

 

[Phoenix86]

Originally posted by: Kibbo86

Originally posted by: Phoenix86
I have always said "it's a software problem". :laugh:

Somebody provides tech support to the public.

😱

I'd never provide tech support the public, well not for charge anyways. Only for free over the net.

 

[firewall]

Why am I not surprised..........

 

[CTho9305]

Wow, that list for the Linux Kernel (see the "Multiple Vendors" section) is really long.

 

[n0cmonkey]

Hmmmm, only 5 for OpenBSD? :evil:

 

[spyordie007]

Interesting

 

[Nothinman]

Wow, that list for the Linux Kernel (see the "Multiple Vendors" section) is really long.

Yea, I was surprised as well. It's not a very accurate count though because a lot of the entries on the page are marked 'updated' so they're about the same problem and some of them contain multiple problems.