|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
ACCEPT > -----Original Message----- > From: Steven M. Christey [mailto:coley@LINUS.MITRE.ORG] > Sent: Tuesday, August 17, 1999 4:43 PM > To: cve-editorial-board-list@lists.mitre.org > Subject: CD PROPOSAL: DIFFUNC (Interim Decision 8/24) > > > Please vote on this pervasive content decision using the space > provided below. This content decision is scheduled for Interim > Decision on August 24. > > - Steve > > > > Content Decision: DIFFUNC (Different Function, Different > Vulnerability) > -------------------------------------------------------------- > --------- > > VOTE: > > (Member may vote ACCEPT, MODIFY, REJECT, or NOOP.) > > > Short Description > ----------------- > > Distinguish between components, systems, and executables that are > functionally different. > > > Rationale > --------- > > This is a pervasive content decision that provides high-level guidance > for distinguishing vulnerabilities in the CVE. The definition of > "functionally different" is left vague, but refinements may be made > more explicit using other content decisions. > > > Examples > -------- > > Servers are functionally different than clients. Mail servers are > functionally different than FTP or HTTP servers. Unix is functionally > different than Windows NT. A configuration problem related to > passwords is functionally different than a problem in the access > permissions of a file system. A password is not functionally > different than a community name, a passphrase, or an NIS domain name > (though the services that *use* these "passwords" are functionally > different). >
|
||||
