in
The ISM-Community » ISM Focus Areas » Commons » New Glossary Term: Vulnerability

New Glossary Term: Vulnerability

Last post 06-25-2007 9:37 PM by rybolov. 1 replies.
Page 1 of 1 (2 items)
Sort Posts: Previous Next

  • 05-10-2007 10:02 AM

    • mcurphey
    • Top 10 Contributor
    • Joined on 02-13-2007
    • Europe
    • Posts 199
    • Points 2,130

    New Glossary Term: Vulnerability

    Reply Contact

    Vulnerability: A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy.

    Example: A SQL Injection vulnerability exists in the PHP Nuke application

    Example; Mac's are also susceptible to vulnerabilities don't you know ;-)
    • Post Points: 20

  • 06-25-2007 9:37 PM In reply to

    • rybolov
    • Top 10 Contributor
    • Joined on 02-13-2007
    • Washington, DC
    • Posts 149
    • Points 910

    Re: New Glossary Term: Vulnerability

    Reply Contact

    I'm using this for the Practical Risk Assessment Methodology:

     

    Vulnerability: A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy.

    • Example: A SQL Injection vulnerability exists in the PHP Nuke application
    • Example: Lack of a viable backup solution means that we cannot restore a server
    "Those who do not understand Unix are condemned to reinvent it, poorly."
    --Henry Spencer
    Filed under:
    • Post Points: 5
Page 1 of 1 (2 items)
All Rights Reserved - The ISM-Community
Powered by Community Server (Commercial Edition), by Telligent Systems