From: thomasng@bigfella.is-a-geek.net
Date: Wed Sep 17 2003 - 04:09:49 EDT
Hi,
Anyone know any open source methodology about categorizing
vulnerabilities? When doing a Pent Test, I need to categorize a particular
vulnerability into high medium or low risk. These vulnerabilities may be a
web application vulnerability or may be a new system vuln that has yet to
be discovered. So is there any open source methodology that give you a
guide to how to categorize the vuln?
Rgds
Thomas
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:40 EDT