[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
RE: A challenge from the CVE web site
I read this as well. One issue that they had, and I agree we need to focus
on are the new vulnerabilities that have risen since CVE went public.
Craig
> -----Original Message-----
> From: Adam Shostack [mailto:adam@HOMEPORT.ORG]
> Sent: Thursday, December 02, 1999 3:19 PM
> To: Prosser, Mike
> Cc: 'damann@MITRE.ORG'; CVE
> Subject: Re: A challenge from the CVE web site
>
>
> There is an item on hackernews today mentioning the CVE which ends
> "The database is already missing some key advisories that have been
> publicly released." I suspect that there is disapointment that the
> concordance doesn't contain more data.
>
> I think its important to stress that the CVE is not a database. I'll
> send a note to Weld explaining, and cc' the board.
>
> Adam
>
>
> On Thu, Dec 02, 1999 at 03:49:28PM -0600, Prosser, Mike wrote:
> | Dave,
> | Understand and agree that we have a lot of work that must
> be done. However,
> | I do have a quick question concerning the sender of the e-mail.
> |
> | Was he/she expecting more descriptive information on each
> vulnerability ala
> | securityfocus? Or is the expressed disappointment in the
> number of entries
> | in the current CVE db? The latter we can rectify with some
> hard work, the
> | former has never been the purpose of the CVE and just
> indicates we need to
> | work harder on informing the public I guess.
> |
> | cheers,
> | mike
> | -----Original Message-----
> | From: Dave Mann [mailto:damann@MITRE.ORG]
> | Sent: Thursday, December 02, 1999 3:10 PM
> | To: CVE
> | Subject: A challenge from the CVE web site
> |
> |
> | All,
> |
> | Here is a quote from an e-mail that we recently received
> | on the CVE web site. As we begin to do the heavy lifting
> | of voting a new round of candidates (in the face of a busy
> | holiday season), we are reminded of how important it is for
> | us to grow CVE to a credible size. Your hard work is what
> | makes this happen!
> |
> | Hopefully we can meet the ambitious goal getting 500
> | entries by Y2K.
> |
> | 'best
> |
> | Dave
> |
> |
> |
> | -------- Original Message --------
> | Dear Sir or Ma'am,
> |
> | I recently ran a search through the CVE dB and while I found the
> | number of vulnerabilities interesting for my particular subject
> | matter, I must admit I am a bit disappointed that there
> appears to be
> | very little depth in the listings of the actual vulnerabilities.
> | -------- Original Message --------
>
> --
> Tired of co-workers slowing you down? Leave them behind.
> http://jobs.zeroknowledge.com
>