[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Survey: Use of Same Attack/Same Codebase content decision in VDB's
- To: cve-review@linus.mitre.org
- Subject: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- From: "Steven M. Christey" <coley@linus.mitre.org>
- Date: Wed, 30 Jun 1999 19:45:05 -0400 (EDT)
All: I'd prefer to delay deciding on the Same Attack/Same Codebase decisions until I hear from an IDS person. Also, I think it would help us all to know which content decision is being used by those who have created/maintained vulnerability databases. If the CVE is to be a translation mechanism, then what's out there "right now" could suggest the appropriate approach, or at least break a tie. So if you could let us know: 1) Whether you have consciously applied a Same Attack or Same Codebase content decision in your database (and which) 2) How "consistent" you believe your database is with respect to that content decision 3) If neither was a specific content decision that you made, if you believe that your database reflects one or the other 4) If your database's content decision is in conflict with what you have been advocating for the CVE, what is the nature of that conflict? If this survey is productive, I expect to ask it for the other content decisions that we discuss. Thanks, - Steve
- Follow-Ups:
- Re: Survey: Use of Same Attack/Same Codebase content decision inVDB's
- From: Gene Spafford <spaf@cs.purdue.edu>
- Re: Survey: Use of Same Attack/Same Codebase content decision inVDB's
- Prev by Date: Re: CONTENT DECISION: Different Program, Same Code
- Next by Date: Re: Survey: Use of Same Attack/Same Codebase content decision inVDB's
- Prev by thread: Re: CONTENT DECISION: Different Program, Same Code
- Next by thread: Re: Survey: Use of Same Attack/Same Codebase content decision inVDB's
- Index(es):
