to new IP-based services and platforms. Flaws in Web apps boosted bug counts for 2006 by more than a third over the previous year, according to data from four major databases tracking security and bugs: the Computer Emergency Response Team Coordination Center (CERT/CC), National Vulnerability Database, Open-Source Vulnerability Database and Symantec Vulnerability Database.
Counting both public sources and private submissions directly to the CERT Coordination Center, the group logged 8,064 vulnerabilities last year, an increase of 35 per cent over the number of flaws reported in 2005.
The three other major flaw databases, the National Vulnerability Database, the Open-Source Vulnerability Database, and the Symantec Vulnerability Database, recorded jumps anywhere from 20 to 35 per cent in 2006 compared to 2005. OSVDB estimates at least 20 per cent more vulnerabilities logged in 2006 compared to 2005.
No comments:
Post a Comment