[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
RE: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
Tried to send this, but had a sysadm error with MITRE server so here it is again
-mike
accept
-----Original Message-----
From: Steven M. Christey [mailto:coley@LINUS.MITRE.ORG]
Sent: Tuesday, August 17, 1999 5:43 PM
To: cve-editorial-board-list@lists.mitre.org
Subject: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
Please vote on this pervasive content decision using the space
provided below. This content decision is scheduled for Interim
Decision on August 24.
- Steve
Content Decision: DIFFUNC (Different Function, Different Vulnerability)
-----------------------------------------------------------------------
VOTE:
(Member may vote ACCEPT, MODIFY, REJECT, or NOOP.)
Short Description
-----------------
Distinguish between components, systems, and executables that are
functionally different.
Rationale
---------
This is a pervasive content decision that provides high-level guidance
for distinguishing vulnerabilities in the CVE. The definition of
"functionally different" is left vague, but refinements may be made
more explicit using other content decisions.
Examples
--------
Servers are functionally different than clients. Mail servers are
functionally different than FTP or HTTP servers. Unix is functionally
different than Windows NT. A configuration problem related to
passwords is functionally different than a problem in the access
permissions of a file system. A password is not functionally
different than a community name, a passphrase, or an NIS domain name
(though the services that *use* these "passwords" are functionally
different).