Re: CONTENT DECISION: Content Decisions for "Password Selection" problems

To: Aleph One <aleph1@UNDERGROUND.ORG>
Subject: Re: CONTENT DECISION: Content Decisions for "Password Selection" problems
From: Gene Spafford <spaf@cs.purdue.edu>
Date: Sat, 17 Jul 1999 11:25:20 -0500
Cc: "Steven M. Christey" <coley@linus.mitre.org>, cve-editorial-board-list@lists.mitre.org
In-Reply-To: <19990716110548.A103@underground.org>
References: <199907161652.MAA14422@basie.mitre.org> <19990716110548.A103@underground.org>
Reply-To: spaf@cs.purdue.edu
Sender: owner-cve-editorial-board-list@lists.mitre.org

At 11:05 AM -0700 7/16/99, Aleph One wrote:
>
>If we follow the logic we did during our meeting at Black Hats
>then each distinct non-announced account/password should be a
>separate CVE entry. If I am using a scanner I want to know whether
>it knows about the specific 3com backdoor, not whether its knowns
>about backdoors in some general sense. Ditto for default passwords.

Very reasonable.

References:
- Re: CONTENT DECISION: Content Decisions for "Password Selection" problems
  - From: "Steven M. Christey" <coley@linus.mitre.org>
- Re: CONTENT DECISION: Content Decisions for "Password Selection" problems
  - From: Aleph One <aleph1@underground.org>

Prev by Date: Re: Issues for configuration problems in the CVE
Next by Date: Cardinality, classes was Re: Issues for configuration problems in the CVE
Prev by thread: Re: CONTENT DECISION: Content Decisions for "Password Selection" problems
Next by thread: Re: CONTENT DECISION: Content Decisions for "Password Selection" problems
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007

Common Vulnerabilities and Exposures

Re: CONTENT DECISION: Content Decisions for "Password Selection" problems