|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: assignments for malware
- To: jericho <jericho@attrition.org>, Kurt Seifried <kurt@seifried.org>
- Subject: Re: assignments for malware
- From: Pascal Meunier <pmeunier@cerias.purdue.edu>
- Date: Mon, 13 Aug 2018 16:01:23 -0400
- Authentication-results: spf=softfail (sender IP is 198.49.146.235) smtp.mailfrom=cerias.purdue.edu; imc.mitre.org; dkim=none (message not signed) header.d=none;imc.mitre.org; dmarc=fail action=none header.from=cerias.purdue.edu;
- Cc: CVE Editorial Board <cve-editorial-board-list@mitre.org>
- Delivery-date: Mon Aug 13 16:02:52 2018
- In-reply-to: <alpine.LNX.2.20.1808131444080.14361@forced.attrition.org>
- References: <alpine.LNX.2.20.1808131148090.14361@forced.attrition.org> <CABqVa38yfbG7dSZ3Fz=VVCaSFoCSUGma7vUF7ramQHqw6N3UiQ@mail.gmail.com> <alpine.LNX.2.20.1808131431070.14361@forced.attrition.org> <CABqVa3-HVfo_6jRbrTpOYB=Kp-QsvDUa8k5VOhGo8Aa805Wn=A@mail.gmail.com> <alpine.LNX.2.20.1808131444080.14361@forced.attrition.org>
- Reply-to: <pmeunier@cerias.purdue.edu>
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On Mon, 2018-08-13 at 14:44 -0500, jericho wrote: > On Mon, 13 Aug 2018, Kurt Seifried wrote: > > : Depending on how the names are parsed and how the namespace is > managed (or > : not) it can actually be attacked in some cases, through automated > : dependancy resolvers. And again, if there's malicious code being > : distributed and used is there some specific reason we don't want to > tell > : people about it, and would rather ignore it? > > The quick answer is 'yes', volume alone. Trying to track any site > distributing malware would be extensive to say the least. > Good point. I would add that things installed through deception are more the domain of social engineering than software engineering. If automated dependancy resolvers can be made to install such things, then I'd say the vulnerability resides in the resolvers, and I don't care about each of the large number of things that could potentially be installed. We sure want people to know about security issues that are relevant to them. However, I'd say malware instances are out of scope of the CVE, whereas flaws that allow malware installation are in scope. The malware isn't the flaw. Pascal
- Follow-Ups:
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- References:
- assignments for malware
- From: jericho <jericho@attrition.org>
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- From: jericho <jericho@attrition.org>
- Re: assignments for malware
- From: Kurt Seifried <kurt@seifried.org>
- Re: assignments for malware
- From: jericho <jericho@attrition.org>
- assignments for malware
- Prev by Date: Re: assignments for malware
- Next by Date: Re: assignments for malware
- Previous by thread: Re: assignments for malware
- Next by thread: Re: assignments for malware
- Index(es):