[VIM] interesting thought

security curmudgeon jericho at attrition.org
Thu May 18 23:13:43 EDT 2006

this would be fairly easy to do on most of our databases, if we set it up 
to do so, and is something osvdb will be able to do at some point (its an 
existing bugzilla entry). we plan to add a classification tag for 
'solution available', which would allow us to list vulnerabilities w/o 
solutions only.

i think it will be neat that at any point, anyone can bring up a list of 
vulnerabilities with no solutions. the metric and stats for that would be 

taking it one step farther, having a 'solution date' (also on our 
bugzilla) that let you do queries and generate percentages over the 
years/months would be great. seeing there were 60% w/o solutions in 1999, 
and 80% w/o solutions in 2005 for example. of course, this also requires 
the data to be kept up to date pretty hardcore, but still.

More information about the VIM mailing list