US National Vulnerability Database Down Following Malware Infestation

By Thursday, March 14, 2013 0 , , Permalink 0

The public facing site has been taken offline since last Friday because traces of malware were found on two of the web servers that house the NVD. “The National Vulnerability Database public-facing Web site and several other NIST-hosted Web sites are currently unavailable due to discovery of malware on two NIST Web servers” read an email chain posted on Google+.

According to the email, some suspicious activity was detected by NIST firewalls following which steps were taken “to block the unusual traffic from reaching the Internet.” NIST has started an investigation into the issue and as it stands the institute hasn’t found any evidence that NVD pages were used to serve malware. NIST has assured that it will be restoring the public facing site as soon as possible but, hasn’t given any timeline yet.

As of now, accessing the NVD website results into a Page not found error. The probable reason is that NIST would have cut-off access to the website in a bid to prevent the malware from spreading across the web.