[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: assignments for malware
- To: "Millar, Thomas" <Thomas.Millar@hq.dhs.gov>, "pmeunier@cerias.purdue.edu" <pmeunier@cerias.purdue.edu>
- Subject: Re: assignments for malware
- From: Art Manion <amanion@cert.org>
- Date: Wed, 15 Aug 2018 00:27:51 -0400
- Authentication-results: spf=neutral (sender IP is 192.52.194.235) smtp.mailfrom=cert.org; imc.mitre.org; dkim=test (signature was verified) header.d=cert.org;imc.mitre.org; dmarc=pass action=none header.from=cert.org;
- Autocrypt: addr=amanion@cert.org; keydata= xsFNBFoV8GMBEACXd7zH23Gx/W77Gr3Hs+n+BTtEt7IP0jU26vM9i4ASGewrIFZaRIOgL964 xX7Qk1wvxLl8HvUomLNHsJIZYG4EKcNkEfREO7lTx/3nYhG3wjF0DcHYuLwUkwAS3N6p9PQ7 bvEsXZMbfG0L8ASgRy0h4dWg+XGV4xT64REsIlzSsclVaHKTvP7FAMCDG70L/2wc+w24RAzs TYhfxLp4w8TBaVj/pONm+EDGVtK5u4LPLpLS0xmlGxgKP9mYSYAF3j44msAsbsuFPfWTa8JU s9yASol4pMECH24Cp3snHlSNHMl1APfVz3Xsfw5x/mekgCAPcGCARhA9ltRHLYgVMr1JCYZW JdyUB0UEiY0xvlb5JYfCFJm4fL8E2xoW/ATmDIxkU0qguL55AD2VYEwbWEsiP725YMSKBDaC cGH9fa2iuSxnflui6wR4K+FOjXfB2nF561q+HjlRb6bahdkYzWccX4fx3dSlZ6w62qRFNKAE 5zUfe2ZHwis9Bx9iqIp7Ini/sZ3ESJgMr7qlSSkYl10Esdl5CyFyxQ5g/LgzOlywdHazju13 /ckVBPo5vz9ZPOmafiUDSz6R/kbC0+nCrJSjIBvDfBWG7Gl2gon4HqB4Ji6r3+gFEFFJl+O/ PwID6Wh0jAjTQWvD+5L/vFTZ3/875Q2OcoxL9Hh4ls5ptg+7uwARAQABzR1BcnQgTWFuaW9u IDxhbWFuaW9uQGNlcnQub3JnPsLBkQQTAQgAOwIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMB ABYhBBHNrv2hhwlGumhcAVNt4uTRu2rfBQJaFmXUAhkBAAoJEFNt4uTRu2rfY1IP/j8cjh38 B0mnEo0Lk27r/mYRQhj2Yk/ClsAuPWea56BGAswtW2Q6g6DswcinjvTxrycSqAfpj2ZQP9Rx Ib/FsfozF5bC7Ja5/W4amH1NcTr/cE+sgKX3XZcRlOIrw2d0jmS1SAtDWPWn4zTYKoR7cbDz BAAABLb8/xQn7YFgf8nKQ4ZM0yOTUOnF7wG42UU0Y0ww3b+x2/ZMys0ntpz4ZSOgVJlun2xP WgFzkHu/fEJkVTPkZQweRULIGeFJBzuJP46+FMy6PJFZ/ZudzLy/VBMVAxA/yOszLbRvsl6z 3prRMgI+fJF/11ohRVQ5DWzS4AmfnI9RP6aOlUgEi4MYMcbYKrYGwguhGOpdg5iaO6ir4mhd OMcKLeV0ZqSef0ZpXTLQiTzWuFg9ECof5OCK/Y2VQ2EXyWIi7q4OPTFFoZBl2keoF6j0k272 PCYfJZIzq/ER9mfoH1+7nmIxvZ+XXQ6EoCCPv6le8VKQyZOFVgjD5rPvCeGZgAs9CRbfqYNm bF3jqeMk4kZbJ/+GsKv66M4R0VI2DijOLNF1kGXeU6s45lUBZmcT0Fb2MQ78rNItpeUP+XYj fpB0g/woOIstbSoOqpVZf++HIjnmMHj9jJrbFcMVIPac89EDcjbab3zPTMb5LHdk6AxMsWRM QqxofqoqqzNI7RiKisaDQhINXRwAzsBNBFoV8roBCADZKC4LLl6XhVvHCZZIwa9t2e+swdln YRtxwG1TDRxM1PaV7VDzB9K1FMRDC9CQQmiwI+Vl2j0Kn3BUvkCp3zmP+S7CRgK2vfP1GBAs CURE6j6M7S47qOhQvAvJK0qlF14tCBSX16CceGFV0XzfOUnQGt6m8AnVTr7WODilYsJPWUrj xLe3cKQJs7zk3iMLH1lJ7jNXlAQUgrTurVD7sl6PbKgbmDw3tIgXwep7tMOUzpiN4vCPALA+ WYL+0VxE03TZj/FqNzNrjoKXw+X3za675QnLsXww2cgLBV0Zjg3HZVDT5/0LlQjYqPnaWh3s ZG8uRJ104Thx1JVFLN4+8aDrABEBAAHCwXwEGAEIACYWIQQRza79oYcJRrpoXAFTbeLk0btq 3wUCWhXyugIbDAUJBaOagAAKCRBTbeLk0btq3zHYD/4vvS0lul3UKWGeRsVb33Y3eJ1yv4O3 EpBtmkVgCyxdG3zj8YrI15DCzhn6LSN3FqjV+wovE3SsxIrRjn7eoBA6SH54KlFRrW7pAARc NQaHFU+nX6ST6X3pOoNYzhXPZjkxoUpxyC+ehNARx+3tlQ0LScEr0L5Ttvr8W7nopWaXeuCt VI+8tjDnsCtWLaI2bYi3TYWDJdgWzNFSGYioqIxvQHIpokFZAx6fTKtEYaAqqg2cefRDgNoU bMcHmNtVMAXThLdNAx23F/sv2gV9a612ktCwl6hjKu1vuK4KGnhQu1T/oRk5EUA8jy5yBB6/ S5jwYbZR01EriZXSTXwT/gJcThBIXH8i9/4lUwdhV8+iBP/Pomhs8D7dPU7q1fUYlvVxn8iN K7IFoWdptGv+bhdNsf/qWGxVxOHwTAipr73Fl3eC5RovVM2aAK2Bx6xQFXlh4uPcI/S0gIPG tytClYZxtbXKM3qVhUTZgg1Ge6MgtgJkKWttzRciW0N9t5pZ/IbH7ax0NUv2hjHovGBXhuQb cVAEgmx90iyx9iRizCpgr3JyDNtKX+bc26aGI+mFOdiawp2HihhSazqiEpuNrxlQVWgMgmXa RduAg8L9z2CshZ6Zkcmwea79r8yDsBbwfJEZ71T0WWyfm1UcRVflPFAYb9xE8Ulgh8BQzw// z7Y5Lw==
- Cc: Kurt Seifried <kurt@seifried.org>, jericho <jericho@attrition.org>, CVE Editorial Board <cve-editorial-board-list@mitre.org>
- Delivery-date: Wed Aug 15 08:30:22 2018
- Dkim-filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu w7F4Rt0p015721
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1534307275; bh=yUUf8PcIYbAK89Pb/8UpRlxMgw2IZ96shyS10apuExA=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=cHLFCEuxRmAlBwP8zwS+ZLXXrfGyeaGZCFuMKZWDoaMpyZ2t4P9nGWLJgppFJ6WyF /BHz+UuefenfFK4RMqlq1ynXpZ3jLgEXGPNckRVrR08XdAGr17xcpCaBQ2sJ9LEv2r Qg+03BDZ/DF7aN5xr8h6UwxMxO15V+anRwwAWIRc=
- In-reply-to: <678070AA-8D95-4A19-B71E-6BC519BB4BDB@hq.dhs.gov>
- Openpgp: preference=signencrypt
- References: <alpine.LNX.2.20.1808131148090.14361@forced.attrition.org> <CABqVa38yfbG7dSZ3Fz=VVCaSFoCSUGma7vUF7ramQHqw6N3UiQ@mail.gmail.com> <alpine.LNX.2.20.1808131431070.14361@forced.attrition.org> <CABqVa3-HVfo_6jRbrTpOYB=Kp-QsvDUa8k5VOhGo8Aa805Wn=A@mail.gmail.com> <alpine.LNX.2.20.1808131444080.14361@forced.attrition.org> <1534190483.29489.1.camel@cerias.purdue.edu> <CABqVa3_rEN38bHm3EYCifnV9324jVt-=yd6xAVeQDD815Ep_bw@mail.gmail.com> <1534200887.29489.4.camel@cerias.purdue.edu> <678070AA-8D95-4A19-B71E-6BC519BB4BDB@hq.dhs.gov>
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
- User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
On 2018-08-14 17:37, Millar, Thomas wrote: > Are people going to find out about and fix these issues in their > environment without a CVE? In other words, will a malware indicator > do the job? If so, then it doesn’t need to be in scope. Arguing mostly against myself, a CVE ID may well raise attention, which is desirable. The problem is opening the scope of CVE too widely. Maybe an "exposure" is that I thought some software was legit, but turns out it was not? As opposed to something that is clearly malware from the start? We have a lot of malware to assign CVE IDs to. - Art
- References:
- assignments for malware
- From: jericho <jericho@attrition.org>
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- From: jericho <jericho@attrition.org>
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- From: jericho <jericho@attrition.org>
- Re: assignments for malware
- From: Pascal Meunier <pmeunier@cerias.purdue.edu>
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- From: Pascal Meunier <pmeunier@cerias.purdue.edu>
- Re: assignments for malware
- From: "Millar, Thomas" <Thomas.Millar@hq.dhs.gov>
- assignments for malware
- Prev by Date: Re: assignments for malware
- Next by Date: Speaking of CVE for services
- Previous by thread: Re: assignments for malware
- Next by thread: Re: assignments for malware
- Index(es):
