|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
Please vote on this pervasive content decision using the space provided below. This content decision is scheduled for Interim Decision on August 24. - Steve Content Decision: DIFFUNC (Different Function, Different Vulnerability) ----------------------------------------------------------------------- VOTE: (Member may vote ACCEPT, MODIFY, REJECT, or NOOP.) Short Description ----------------- Distinguish between components, systems, and executables that are functionally different. Rationale --------- This is a pervasive content decision that provides high-level guidance for distinguishing vulnerabilities in the CVE. The definition of "functionally different" is left vague, but refinements may be made more explicit using other content decisions. Examples -------- Servers are functionally different than clients. Mail servers are functionally different than FTP or HTTP servers. Unix is functionally different than Windows NT. A configuration problem related to passwords is functionally different than a problem in the access permissions of a file system. A password is not functionally different than a community name, a passphrase, or an NIS domain name (though the services that *use* these "passwords" are functionally different).
|
||||
