[VIM] discuss: secunia footnote
jericho at attrition.org
Wed Jun 1 08:02:14 EDT 2005
Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued
by security research groups, vendors, and others.
This is the footnote of each Secunia entry. Is this the value add of their
service? Do they *really* do that for each entry?
No matter how you cut it, validating and verifying each and every vuln
seems a stretch. Unless you have a LOT of hardware for testing, a nice
pipe for the constant downloads, and a HUGE budget for the software and
hardware (think Oracle, DB2, Cisco, etc) .. this simply is not possible.
Not to mention the staff present to test all of this.
More information about the VIM