Open Source Vulnerability Database (OSVDB) Crash

These days, OSVDB crashes very often. Today, the crash even leaked details of the server's structure. What happened?







What is OSVDB?

“Open Sourced Vulnerability Database (OSVDB) is an independent and open-sourced database. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals.

Its goal is to provide accurate, unbiased information about security vulnerabilities in computerized equipment. The core of OSVDB is a relational database which ties various information about security vulnerabilities into a common, cross-referenced open security data source. As of November, 2013, the database catalogs over 100,000 vulnerabilities.” (Wikipedia)


Covert Redirect – Knowledge

Covert Redirect is a class of security bugs disclosed in May 2014. It arises when an application takes a parameter and redirects a user to the parameter value without sufficient validation.
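The pattern described above, as an added example that is not code from the original post: a redirect handler that uses the parameter unchecked, beside a version that validates it before redirecting. The allowlisted hosts, the fallback path and the sample parameter values are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the hosts this application may redirect to,
# and the fallback used when the parameter is rejected.
ALLOWED_HOSTS = {"app.example.com", "accounts.example.com"}
DEFAULT_TARGET = "/"


def unsafe_redirect_target(param):
    """Flawed pattern from the text: the parameter value is used unchecked."""
    return param


def safe_redirect_target(param):
    """Return param only for a local path or an allowlisted https URL."""
    # Browsers treat "\" like "/" and drop whitespace/control characters.
    if not param or "\\" in param or any(ord(c) < 0x21 or ord(c) == 0x7F for c in param):
        return DEFAULT_TARGET
    try:
        parts = urlsplit(param)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return DEFAULT_TARGET
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a single-slash absolute path.
        ok = param.startswith("/") and not param.startswith("//")
        return param if ok else DEFAULT_TARGET
    if parts.scheme != "https" or port not in (None, 443):
        return DEFAULT_TARGET
    if parts.username is not None or parts.password is not None:
        return DEFAULT_TARGET  # "trusted@other-host" style userinfo
    # Exact host match: no substring, prefix or suffix comparison.
    return param if parts.hostname in ALLOWED_HOSTS else DEFAULT_TARGET


# Constructed sample parameter values (not taken from the page).
SAMPLES = [
    "/dashboard?tab=1",
    "https://app.example.com/home",
    "https://untrusted.example/",
    "//untrusted.example/path",
    "https://app.example.com@untrusted.example/",
    "https://app.example.com.untrusted.example/",
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value!r:50} -> {safe_redirect_target(value)!r}")
```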




Covert Redirect is also related to single sign-on. It is well known for its influence on OAuth and OpenID. Covert Redirect was found and named by Wang Jing, a mathematics PhD student at the School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore.


After Covert Redirect was published, it was recorded in some common databases such as SCIP, OSVDB, Bugtraq, and X-Force. Its scipID is 13185, its OSVDB reference number is 106567, its Bugtraq ID is 67196, and its X-Force reference number is 93031.