George Toft wrote:
> 
> Come on, it's just a script:
> 
> #!/bin/bash
> 
> # This script gets the list of vulnerabilities for each operating system
> > > ...
> > > > It would also be nice if you could plot the frequency of vulnerabilities
> > > > over time and compare a single graph...
> > >
> > > A breakdown of remotely exploitable vs locally exploitable would be
> > > good, too.
> >
> > agreed.


Just made the time to check out the site.  Most of what I wanted to see
is there to see...  I do find it interesting that they make a Linux
aggregate (I assume the sum of all Linux distro's).  This counts many,
if not most, vulnerabilities twice.  Also aggregating Win2000/NT may do
the same (although these are supposed to be different OS's).

The thing I find interesting is that RH is on par with Win* for
vulnerabilities so far this year.  Are these numbers correct?  Are we
counting apples and oranges, or is the RH count totaling all packages
while win* counting only the OS.  I really am curious about this...


  EBo --