|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
>Content Decision: DIFFUNC (Different Function, Different Vulnerability) >----------------------------------------------------------------------- > >VOTE: ACCEPT > >(Member may vote ACCEPT, MODIFY, REJECT, or NOOP.) > > >Short Description >----------------- > >Distinguish between components, systems, and executables that are >functionally different. > > >Rationale >--------- > >This is a pervasive content decision that provides high-level guidance >for distinguishing vulnerabilities in the CVE. The definition of >"functionally different" is left vague, but refinements may be made >more explicit using other content decisions. > > >Examples >-------- > >Servers are functionally different than clients. Mail servers are >functionally different than FTP or HTTP servers. Unix is functionally >different than Windows NT. A configuration problem related to >passwords is functionally different than a problem in the access >permissions of a file system. A password is not functionally >different than a community name, a passphrase, or an NIS domain name >(though the services that *use* these "passwords" are functionally >different).
|
||||
