[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Sources: Full and Partial Coverage


On Tue, 8 May 2012, Tim Keanini wrote:

: My head researcher felt that these were absent and should be considered given the infrastructure roles they play and I agree.  

: Partially Cover
: 1) http://www.exploit-db.com/ <-- if they hit this repository exploit code
: is available to the public, and it warrants a CVE.

I am curious why you chose EDB, and do not mention or suggest PacketStorm 
or inj3ct0r (1337day.com), as they both do the same thing, at least one in 
more volume than EDB. In fact, there is a big cross-over between all three 
that make daily scouring quite annoying for some VDBs. 

I only ask out of curiosity, because I could argue EDB over those, or PS 
over those, for different reasons.

: They also scratched their heads with RealPlayer being on the list but that might be something Federal market specific. 

There is likely other media-based software with a larger user installation 
base than Real, that is not currently on the list.

Page Last Updated or Reviewed: November 06, 2012