[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[TECH] Status summary of all clusters

Attached is a summary of voting activities and candidate phases for
those clusters that still have active candidates.  It includes a list
of who voted in what cluster, how unresolved content decisions have
affected candidates in that cluster, etc.

In the next few emails, I will send out more detailed vote summaries
for various groups of clusters, which I am whimsically calling
meta-clusters.  These vote summaries will include voter comments and
any modifications I have made to the candidates.

- Steve


Terminology:
  CDs = Content Decisions
  active = proposed, but hasn't reached final decision


RECENT-04
----------------------
Recent problems announced between 12/20/1999 and 1/1/2000

Proposed: 1/10/00
Phase summary: 43 still active, 0 reached final decision, 3 affected by CDs
Voters:
Vote summary: MOREVOTES=43

RECENT-03
----------------------
Recent problems announced between 12/13/1999 and 12/20/1999

Proposed: 12/21
Phase summary: 19 still active, 0 reached final decision, 5 affected by CDs
Voters: Wall,Cole,Stracener
Vote summary: ACCEPT=6 MOREVOTES=7 ACCEPT_ACK=6

NET-01
----------------------
Various problems in network devices and protocols

Proposed: 12/21
Phase summary: 12 still active, 0 reached final decision, 0 affected by CDs
Voters: Cole,Stracener
Vote summary: MOREVOTES=6 ACCEPT_ACK=6

UNIX-UNCONF
----------------------
Various Unix problems that may not be confirmed by vendor

Proposed: 12/21
Phase summary: 42 still active, 0 reached final decision, 1 affected by CDs
Voters: Ozancin,Stracener
Vote summary: MOREVOTES=33 ACCEPT_ACK=9

MISC-01
----------------------
Miscellaneous issues in "obscure" software

Proposed: 12/21
Phase summary: 35 still active, 0 reached final decision, 4 affected by CDs
Voters: Stracener
Vote summary: MOREVOTES=35

WEB
----------------------
Problems in WWW servers and clients

Proposed: 12/13
Phase summary: 10 still active, 25 reached final decision, 3 affected by CDs
Voters: Cole,Stracener,Blake
Vote summary: ACCEPT=3 MOREVOTES=5 ACCEPT_ACK=2

UNIX-VEN
----------------------
Various problems acknowledged by Unix vendors

Proposed: 12/13
Phase summary: 8 still active, 17 reached final decision, 1 affected by CDs
Voters: Frech,Cole,Prosser,Stracener,Blake
Vote summary: ACCEPT=2 ACCEPT_REV=4 SMC_REVIEW=1 SMC_REJECT=1

LINUX
----------------------
Linux problems acknowledged by Linux vendors

Proposed: 12/13
Phase summary: 8 still active, 22 reached final decision, 0 affected by CDs
Voters: Cole,Stracener,Blake
Vote summary: ACCEPT=2 SMC_REVIEW=1 REJECT=2 ACCEPT_ACK=3

RECENT-02
----------------------
Recent problems announced between 12/04/1999 and 12/12/1999

Proposed: 12/13
Phase summary: 6 still active, 14 reached final decision, 4 affected by CDs
Voters: Cole,Stracener,Blake
Vote summary: ACCEPT=1 RECAST=2 SMC_REVIEW=3

RECENT-01
----------------------
Recent problems announced between 11/24/1999 and 12/03/1999

Proposed: 12/8
Phase summary: 40 still active, 0 reached final decision, 14 affected by CDs
Voters: Frech,Cole,Armstrong,Prosser,Stracener
Vote summary: ACCEPT=7 RECAST=1 SMC_REVIEW=3 ACCEPT_REV=27 REJECT=2

CERT2
----------------------
Other CERT advisories not covered in the CERT cluster

Proposed: 12/8
Phase summary: 3 still active, 23 reached final decision, 1 affected by CDs
Voters: Frech,Ozancin,Cole,Armstrong,Prosser,Stracener
Vote summary: ACCEPT=2 RECAST=1

MS
----------------------
Some Microsoft Advisories in 1999

Proposed: 12/8
Phase summary: 11 still active, 34 reached final decision, 4 affected by CDs
Voters: Wall,Frech,Ozancin,Cole,Prosser,Stracener
Vote summary: ACCEPT=3 RECAST=1 SMC_REVIEW=2 REJECT=5

MPAN
----------------------
MP/AN category candidates

Proposed: 8/3
Phase summary: 4 still active, 0 reached final decision, 4 affected by CDs
Voters: Wall,Northcutt
Vote summary: RECAST=1 MOREVOTES=3

SA-OTHER
----------------------
Other SA candidates

Proposed: 8/3
Phase summary: 8 still active, 0 reached final decision, 8 affected by CDs
Voters: Wall,Northcutt
Vote summary: REJECT=8

SA-LITTLE
----------------------
Presence of "little" services that are rarely necessary

Proposed: 8/3
Phase summary: 5 still active, 0 reached final decision, 5 affected by CDs
Voters: Wall,Northcutt
Vote summary: MOREVOTES=1 REJECT=4

SA-ATTACK
----------------------
Presence of services that are common attack points

Proposed: 8/3
Phase summary: 10 still active, 0 reached final decision, 10 affected by CDs
Voters: Wall,Northcutt
Vote summary: REJECT=10

SA-HIST
----------------------
Presence of services with a history of problems

Proposed: 8/3
Phase summary: 13 still active, 0 reached final decision, 13 affected by CDs
Voters: Wall,Northcutt
Vote summary: REJECT=13

NT-REGISTRY
----------------------
CF problems related to NT registry settings

Proposed: 8/3
Phase summary: 6 still active, 0 reached final decision, 6 affected by CDs
Voters: Wall,Northcutt
Vote summary: RECAST=6

DATA
----------------------
CF problems related to data access

Proposed: 8/3
Phase summary: 10 still active, 0 reached final decision, 10 affected by CDs
Voters: Wall,Northcutt
Vote summary: RECAST=6 MOREVOTES=3 REJECT=1

CFMISC
----------------------
Miscellaneous CF problems

Proposed: 7/28
Phase summary: 17 still active, 0 reached final decision, 17 affected by CDs
Voters: Shostack,Northcutt
Vote summary: RECAST=4 MOREVOTES=3 REJECT=10

NOVULN
----------------------
Problems that may be regarded as "not a vulnerability"

Proposed: 7/28
Phase summary: 19 still active, 0 reached final decision, 10 affected by CDs
Voters: Wall,Northcutt
Vote summary: MOREVOTES=6 REJECT=13

PRIVACY
----------------------
Problems related to privacy

Proposed: 7/28
Phase summary: 9 still active, 0 reached final decision, 0 affected by CDs
Voters: Wall,Northcutt
Vote summary: MOREVOTES=8 SMC_REJECT=1

DESC
----------------------
Description/information problems

Proposed: 7/28
Phase summary: 2 still active, 0 reached final decision, 0 affected by CDs
Voters: Frech,Wall,Northcutt
Vote summary: MOREVOTES=1 SMC_REVIEW=1

VERIFY-TOOL
----------------------
Problems mentioned in a tool, but not seen in other VDB's

Proposed: 7/27
Phase summary: 7 still active, 0 reached final decision, 0 affected by CDs
Voters: Frech,Shostack,Northcutt
Vote summary: MOREVOTES=6 SMC_REJECT=1

VERIFY-BUGTRAQ
----------------------
Problems discussed on Bugtraq but not seen in VDB's, or not confirmed

Proposed: 7/27
Phase summary: 23 still active, 0 reached final decision, 1 affected by CDs
Voters: Frech
Vote summary: SMC_REVIEW=2 MOREVOTES=19 REJECT=1 REVOTE=1

IDS
----------------------
Problems with IDSes

Proposed: 7/26
Phase summary: 5 still active, 0 reached final decision, 0 affected by CDs
Voters: Northcutt
Vote summary: MOREVOTES=5

FINGER
----------------------
Problems related to finger

Proposed: 7/26
Phase summary: 6 still active, 0 reached final decision, 0 affected by CDs
Voters: Frech,Shostack,Northcutt
Vote summary: MOREVOTES=1 SMC_REVIEW=1 REJECT=3 ACCEPT_ACK=1

NETCONF
----------------------
Network configuration problems

Proposed: 7/26
Phase summary: 12 still active, 0 reached final decision, 12 affected by CDs
Voters: Frech,Northcutt
Vote summary: RECAST=1 MOREVOTES=4 REJECT=7

CDEC
----------------------
Candidates affected by current content decision debates

Proposed: 7/26
Phase summary: 10 still active, 5 reached final decision, 5 affected by CDs
Voters: Frech,Wall
Vote summary: RECAST=1 MOREVOTES=3 SMC_REVIEW=5 REJECT=1

MORELOW
----------------------
More low-controversy candidates

Proposed: 7/26
Phase summary: 10 still active, 27 reached final decision, 4 affected by CDs
Voters: Frech,Wall,Ozancin
Vote summary: ACCEPT=1 SMC_REVIEW=1 MOREVOTES=7 REJECT=1

DESIGN
----------------------
Services or protocols with inherent design problems

Proposed: 7/20
Phase summary: 10 still active, 17 reached final decision, 10 affected by CDs
Voters: Wall,Frech,Ozancin,Northcutt,Meunier
Vote summary: ACCEPT=3 RECAST=2 ACCEPT_REV=1 MOREVOTES=1 REJECT=3

NTCONFIG
----------------------
Configuration problems related to NT

Proposed: 7/20
Phase summary: 13 still active, 0 reached final decision, 13 affected by CDs
Voters: Frech,Shostack,Wall,Ozancin,Northcutt
Vote summary: ACCEPT=4 RECAST=3 REJECT=6

PASS
----------------------
Configuration problems related to passwords

Proposed: 7/14
Phase summary: 14 still active, 0 reached final decision, 14 affected by CDs
Voters: Shostack,Northcutt,Meunier
Vote summary: ACCEPT=14

MULT2
----------------------
other vuln's with multiple executables/LOA content decision

Proposed: 7/13
Phase summary: 4 still active, 10 reached final decision, 0 affected by CDs
Voters: Frech,Shostack,Northcutt
Vote summary: MOREVOTES=2 REJECT=2

NOREFS
----------------------
Vulnerability has no references, but is tested by some tool

Proposed: 7/13
Phase summary: 18 still active, 5 reached final decision, 0 affected by CDs
Voters: Frech,Wall,Shostack,Northcutt,Blake
Vote summary: RECAST=1 SMC_REVIEW=3 MOREVOTES=7 REVOTE=3 SMC_REJECT=4

ONEREF
----------------------
Vulnerability only has one reference

Proposed: 7/13
Phase summary: 7 still active, 36 reached final decision, 3 affected by CDs
Voters: Frech,Shostack,Northcutt,Prosser
Vote summary: RECAST=4 SMC_REVIEW=1 SMC_REJECT=2

RESTLOW
----------------------
The rest of the low-controversy vuln's

Proposed: 6/29
Phase summary: 9 still active, 30 reached final decision, 1 affected by CDs
Voters: Ozancin,Landfield,Frech,Proctor,Northcutt,Balinsky,Prosser,Blake
Vote summary: RECAST=2 MOREVOTES=2 SMC_REVIEW=3 ACCEPT_REV=1 REJECT=1

DENY
----------------------
Some (not all) denial of service

Proposed: 6/29
Phase summary: 5 still active, 8 reached final decision, 0 affected by CDs
Voters: Meunier,Frech
Vote summary: RECAST=1 SMC_REVIEW=2 MOREVOTES=2

NTLOW
----------------------
Some low controversy NT vulnerabilities

Proposed: 6/29
Phase summary: 3 still active, 16 reached final decision, 1 affected by CDs
Voters: Wall,Frech,Blake
Vote summary: MOREVOTES=3

BUF
----------------------
Some (not all) buffer overflows in single applications

Proposed: 6/23
Phase summary: 6 still active, 26 reached final decision, 0 affected by CDs
Voters: Frech,Northcutt,Prosser
Vote summary: RECAST=1 SMC_REVIEW=3 SMC_REJECT=2

CGI
----------------------
CGI programs

Proposed: 6/23
Phase summary: 9 still active, 22 reached final decision, 1 affected by CDs
Voters: Wall,Levy,Frech,Northcutt,Prosser,Blake
Vote summary: ACCEPT=2 ACCEPT_ACK_REV=2 SMC_REVIEW=1 MOREVOTES=4

MULT
----------------------
Multiple executables split into

Proposed: 6/23
Phase summary: 19 still active, 15 reached final decision, 13 affected by CDs
Voters: Wall,Levy,Ozancin,Landfield,Frech,Northcutt,Balinsky,Prosser,Blake
Vote summary: ACCEPT=2 RECAST=4 SMC_REVIEW=2 MOREVOTES=8 ACCEPT_ACK=2 SMC_REJECT=1

VEN-BSD
----------------------
candidates with advisories from BSD vendors

Proposed: 6/17
Phase summary: 0 still active, 13 reached final decision, 0 affected by CDs
Voters: Frech
Vote summary:

VEN-OTHERS
----------------------
candidates with advisories from other vendors

Proposed: 6/17
Phase summary: 1 still active, 1 reached final decision, 1 affected by CDs
Voters: Shostack,Frech,Northcutt,Prosser
Vote summary: ACCEPT=1

VEN-SGI
----------------------
candidates with advisories from SGI vendor

Proposed: 6/17
Phase summary: 0 still active, 7 reached final decision, 0 affected by CDs
Voters:
Vote summary:

VEN-HP
----------------------
candidates with advisories from HP vendor

Proposed: 6/17
Phase summary: 0 still active, 11 reached final decision, 0 affected by CDs
Voters:
Vote summary:

VEN-SUN
----------------------
candidates with advisories from SUN vendor

Proposed: 6/17
Phase summary: 2 still active, 16 reached final decision, 1 affected by CDs
Voters: Frech,Northcutt,Prosser
Vote summary: SMC_REVIEW=2

VEN-AIX
----------------------
candidates with advisories from AIX vendor

Proposed: 6/17
Phase summary: 3 still active, 7 reached final decision, 3 affected by CDs
Voters: Shostack,Frech,Northcutt,Prosser
Vote summary: SMC_REVIEW=2 SMC_REJECT=1

CERT
----------------------
candidates associated with CERT advisories

Proposed: 6/7
Phase summary: 4 still active, 56 reached final decision, 2 affected by CDs
Voters: Wall,Shostack,Landfield,Frech,Northcutt
Vote summary: RECAST=3 ACCEPT_REV=1
Page Last Updated or Reviewed: May 22, 2007