HOME ARTICLES REVIEWS IT TOOLS NEWS RELEASES ADVERTISING
You are here: IT-Observer » Press Releases RSS | White Papers |   

Open Source Vulnerability Database Releases Free Security Data To The Public

Friday, 2 April 2004 18:07 EST



The Open Source Vulnerability Database, a project to catalog and describe the world's computer security vulnerabilities, opened for public use on 31 March 2004.

According to statistics gathered by CERT, a respected security resource at Carnegie Mellon University, the number of new computer security vulnerabilities found each year has risen over two thousand percent since 1995. Tracking these vulnerabilities and their remedies is critical for those who protect networked systems against accidental misuse and deliberate attack, whether at home, in small businesses, or across globe-spanning enterprises.

The Open Source Vulnerability Database (OSVDB) is an open project to collect and distribute vulnerability information freely to everyone. The project team contains skilled volunteers working together to document every security vulnerability that arises. Formed in 2002, the OSVDB project has now completed its development of an online system to store and deliver vulnerability data.

"The OSVDB's main goal is to be complete and without bias," says Jake Kouns, chief moderator of the OSVDB project team. "This database will serve as one-stop shopping for all vulnerability needs."

The OSVDB collects vulnerability data on every type of computer software and operating system. Like other open-source projects, the OSVDB depends on the wide expertise of its contributors to provide dependable information on many technologies and security problems. The project's open-source license makes the results freely available to users worldwide.

Warren Ward, in charge of research at Winterforce, an e-commerce and security consultancy, says "Other vulnerability databases do exist. But there are frequently restrictions on their use. The OSVDB's open license frees us to serve our clients."

In addition to its current capabilities, the OSVDB is planning the release of several new services and data products in the upcoming months. Some will make database access easier for end users, others will support the specialized tasks of software developers and security analysts.

The OSVDB online system can be found at www.OSVDB.org.
GFI LANguard N.S.S. NEW v8 out now!
Complete network vulnerability management, providing powerful vulnerability scanning, patch management and auditing solution. DOWNLOAD A 30-DAY TRIAL TODAY!

Visit GFI Security Software page for more information.

 

FREE IP PBX: 3CX VOIP Phone System for Windows. No timeouts or limitations

 

Latest News

Essential Bluetooth hacking tools
25.05.07  Bluetooth provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires.

DEP for IE7 in Vista
22.05.07  Security tips blog, security-hacks, has posted details on how to enable DEP for Internet Explorer 7 in Vista.

SMB over SSH: Secure File Sharing
18.05.07  Security tips blog, security-hacks, has published an simple guide to share files securely in heterogeneous networks.

Avoid data leaks by clearing the page file
14.05.07  Security-Hacks publishes a useful tip to avoid potential data leaks when you run out of memory.

How to set Master Password in Firefox
11.05.07  Nowadays many web sites require you to type a user name and password before you can enter the site.

How to test your firewall?
10.05.07  Security tips blog, Security-Hacks, has published a compilation of tools to test your firewall: "We’ve compiled a list of tools we believe will be of value to both home users and advance users.

eEye released integer overflow auditing tool
16.02.07  Vulnerability research company eEye Security has released a free security vulnerability auditing tool that helps spotting possible integer overflow vulnerabilities.
Copyright © IT-Observer Online Publication 2000 - 2007 Top | RSS Feeds | About Us   
Site Meter