OSVDB – Classification: Minor Touch-ups and Reorganization

[This was originally published on the OSVDB blog.]

In addition to overhauling the ‘exploit’ classification, additional touch-ups and reorganization has been done to the classification system. For volunteers that help mangle entries, watch out as items have shifted in flight. For users of OSVDB, these will be mostly cosmetic changes and should not impact searching.

  • Disclosure column has been re-ordered
  • Location column has been re-ordered
  • Several locations have been touched-up. Use of ‘required’ is consistent now.
  • Context-dependent – Moved from OSVDB to Location
  • Mobile Phone expanded to include ‘Hand-held’ devices that may not be a phone
  • Patch now includes RCS as some fixes are only available from CVS, SVN, etc.
  • Removed ‘best practice’, no longer useful. We do not support SANS Top 20 x-refs any longer, since they don’t support the “20” in the Top 20.
  • Removed ‘no solution’. Until we have more volunteers and timely updates for all entries, ‘solution unknown’ is more accurate.
  • Removed ‘hijacking’ attack type. Obsolete, not really an attack type of its own.

Leave a Reply

%d bloggers like this: