SC-L,Saw this via Gunnar Peterson's blog (http://1raindrop.typepad.com/ 1_raindrop/2007/05/common_attack_p.html)... Check out Mitre's first draft of CAPEC, the Common Attack Pattern Enumeration and Classification database (http://capec.mitre.org). It complements the existing CVE (http://cve.mitre.org) and CWE (http://cwe.mitre.org) efforts by presenting the attack patterns used to exploit the various vulnerabilities.
Great stuff that should be of interest to our readers here at SC-L, though the site itself does require Javascript to work -- boo hiss! :-)
Cheers, Ken ----- Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________