[VIM] OT: Humor - Vulnerability News Spoof
security curmudgeon
jericho at attrition.org
Mon Feb 26 01:12:21 EST 2007
Apologies to everyone for my attempted humorous spoof =)
--
MITRE Announces No New Vulnerabilities in 2006
FOR IMMEDIATE RELEASE
MITRE Contacts:
Steven "False Again" Christey
Bill "That's False Too!" Heinbockel
Bedford, Massachusetts, January 15, 2007 -- The MITRE Corporation
announced today after extensive analysis that no new vulnerabilities were
published in 2006.
Throughout the year of 2006, the ongoing debate between full disclosure
and responsible disclosure became completely moot. With 6,387 unique
vulnerability reports made, almost every single one has since been proven
a false reporting.
"We at CVE have gone over the data and source code for 6,387 vulnerability
disclosures and have concluded that 6,386 were incorrect and that no
vulnerability was present. For the 1 report not labeled false, the path
disclosure issue affected CertBlog 0.3beta if every PHP option was enabled
and the administrator copied installation files back after they were
deleted by the program." says CVE lead Steven Christey.
Given the severity of the information, MITRE's CVE collaborated with other
industry leaders SecurityTracker, milw0rm, Securiteam and OSVDB to
validate these findings. "Unbelievable" was all str0ke could say about the
previous year's disclosures. "Like any of us are really surprised?"
replied Martin, suggesting that this was bound to happen.
As of the time of this press release, there have been no valid
vulnerabilities disclosed in 2007 either.
More information about the VIM
mailing list