Linking security tracker with exploit-db ?

To: debian-security-tracker@lists.debian.org
Subject: Linking security tracker with exploit-db ?
From: Raphael Hertzog <hertzog@debian.org>
Date: Thu, 21 Mar 2013 22:38:47 +0100
Message-id: <[🔎] 20130321213847.GA22458@x230-buxy.home.ouaza.com>
Mail-followup-to: Raphael Hertzog <hertzog@debian.org>, debian-security-tracker@lists.debian.org

(I'm not subscribed to debian-security-tracker@lists.debian.org, please
keep me in CC)

Hello,

while discussing with someone at Offensive Security, I learned that
there's a mapping between CVE numbers and exploits registered in
http://www.exploit-db.com/.

I was thinking that it could be interesting to know whether exploits
are available and as such that it could be interesting to link CVE to the
corresponding exploits within the Debian security-tracker.

I believe that everything required is already available online, 
albeit only on webpages and would thus require some heavy web
scraping.

Thus if you want to pursue this idea, I can put you in contact with the
relevant person at Offensive Security. They might be willing to publish
this mapping in a more convenient way (possibly as part of the CSV file
in http://www.exploit-db.com/archive.tar.bz2 or something similar).

I though that I would throw this idea away because I find it interesting
but I just don't have the time and the desire to implement it.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Get the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: Linking security tracker with exploit-db ?
  - From: Henri Salo <henri@nerv.fi>

Prev by Date: External check
Next by Date: Re: Linking security tracker with exploit-db ?
Previous by thread: [prsc.debian.net] PRSC Fix accepted
Next by thread: Re: Linking security tracker with exploit-db ?
Index(es):
- Date
- Thread