Tag Archives: Classification

Classification: Exploit Status Overhaul

OSVDB’s classification system is designed to categorize certain attributes of a vulnerability. This facilitates custom searches by a specific attribute, helps researchers develop metrics and gives a better picture of the vulnerability landscape. Until now, we’ve tracked if an exploit is ‘available’, ‘unavailable’, ‘rumored / private’ or ‘unknown’. While this was a good start for exploit status, it has quickly outgrown usefulness. Today, OSVDB overhauled the exploit classification to use the following:

  • exploit public – A working exploit is publicly available.
  • exploit rumored – An exploit is rumored to exist, but cannot be confirmed.
  • exploit private – An exploit exists, but is not available to the public or in a commercial framework (e.g., vulnerability pre-disclosure groups like iDefense or ZDI, researcher developed but unreleased).
  • exploit commercial – An exploit has been created and is available to customers in a commercial framework such as Canvas or CORE Impact.
  • exploit unknown – The status of a working exploit is unknown.

In addition, we are moving one existing classification to the ‘exploit’ column since it is relevant to this category:

  • exploit wormified – An exploit has been crafted to spread via ‘worm’ or ‘virus’.

As always, if you have suggestions or questions about the classification system, please mail moderators[at]osvdb.org!

Follow

Get every new post delivered to your Inbox.

Join 5,026 other followers