Re: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)

To: cve-editorial-board-list@lists.mitre.org
Subject: Re: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
From: Pascal Meunier <pmeunier@purdue.edu>
Date: Tue, 17 Aug 1999 19:06:55 -0500
Delivery-Date: Tue Aug 17 20:49:31 1999
In-Reply-To: <199908172242.SAA01529@basie.mitre.org>
Sender: owner-cve-editorial-board-list@lists.mitre.org

>Content Decision: DIFFUNC (Different Function, Different Vulnerability)
>-----------------------------------------------------------------------
>
>VOTE:

ACCEPT


>
>(Member may vote ACCEPT, MODIFY, REJECT, or NOOP.)
>
>
>Short Description
>-----------------
>
>Distinguish between components, systems, and executables that are
>functionally different.
>
>
>Rationale
>---------
>
>This is a pervasive content decision that provides high-level guidance
>for distinguishing vulnerabilities in the CVE.  The definition of
>"functionally different" is left vague, but refinements may be made
>more explicit using other content decisions.
>
>
>Examples
>--------
>
>Servers are functionally different than clients.  Mail servers are
>functionally different than FTP or HTTP servers.  Unix is functionally
>different than Windows NT.  A configuration problem related to
>passwords is functionally different than a problem in the access
>permissions of a file system.  A password is not functionally
>different than a community name, a passphrase, or an NIS domain name
>(though the services that *use* these "passwords" are functionally
>different).

References:
- CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
  - From: "Steven M. Christey" <coley@linus.mitre.org>

Prev by Date: Re: CD PROPOSAL: DEFINITION - Interim Decision 8/23
Next by Date: Re: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
Prev by thread: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
Next by thread: Re: CD PROPOSAL: DIFFUNC (Interim Decision 8/24)
Index(es):
- Date
- Thread