[VIM] OT: Humor - Vulnerability News Spoof
str0ke at milw0rm.com
Mon Feb 26 09:29:56 EST 2007
On 2/26/07, security curmudgeon <jericho at attrition.org> wrote:
> Apologies to everyone for my attempted humorous spoof =)
> MITRE Announces No New Vulnerabilities in 2006
> FOR IMMEDIATE RELEASE
> MITRE Contacts:
> Steven "False Again" Christey
> Bill "That's False Too!" Heinbockel
> Bedford, Massachusetts, January 15, 2007 -- The MITRE Corporation
> announced today after extensive analysis that no new vulnerabilities were
> published in 2006.
> Throughout the year of 2006, the ongoing debate between full disclosure
> and responsible disclosure became completely moot. With 6,387 unique
> vulnerability reports made, almost every single one has since been proven
> a false reporting.
> "We at CVE have gone over the data and source code for 6,387 vulnerability
> disclosures and have concluded that 6,386 were incorrect and that no
> vulnerability was present. For the 1 report not labeled false, the path
> disclosure issue affected CertBlog 0.3beta if every PHP option was enabled
> and the administrator copied installation files back after they were
> deleted by the program." says CVE lead Steven Christey.
> Given the severity of the information, MITRE's CVE collaborated with other
> industry leaders SecurityTracker, milw0rm, Securiteam and OSVDB to
> validate these findings. "Unbelievable" was all str0ke could say about the
> previous year's disclosures. "Like any of us are really surprised?"
> replied Martin, suggesting that this was bound to happen.
> As of the time of this press release, there have been no valid
> vulnerabilities disclosed in 2007 either.
More information about the VIM