[CentOS] what percent of time are there unpatched exploits against default config?

Wed Dec 28 03:13:12 UTC 2011
Bennett Haselton <bennett at peacefire.org>

Suppose I have a CentOS 5.7 machine running the default Apache with no
extra modules enabled, and with the "yum-updatesd" service running to pull
down and install updates as soon as they become available from the
repository.  (Assume further the password is strong, etc.)  On the other
hand, suppose that as the admin, I'm not subscribed to any security alert
mailing lists which send out announcements like "Please disable this
feature as a workaround until this hole is plugged", so the machine just
hums along with all of its default settings.

So the machine can still be broken into, if there is an unpatched exploit
released in the wild, in the window of time before a patch is released for
that update.  On the other hand, at any point in time where there are no
unpatched exploits in the wild, the machine should be much harder to break

Roughly what percent of the time is there such an unpatched exploit in the
wild, so that the machine can be hacked by someone keeping up with the
exploits?  5%?  50%?  95%?

Hopefully this is specific enough that the answer is not "it depends" :) ,
an actual numeric answer should exist -- although I don't know if anyone
has ever tried to work it out.  But if not, then what's a good guess, based
on observing how frequently root exploits are released in the wild, and how
long the patches usually take.