| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Jul 2008 09:56:03 +0100 From: "John D. Reason" <somestupidaddress@...hmail.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: how to request a cve id? On Mon, 28 Jul 2008 23:40:13 +0100 n3td3v <xploitable@...il.com> wrote: >Hi, > >How did something gay like >http://www.securityfocus.com/archive/1/494843/30/0/threaded this >get a >CVE ID? And when I click on it, >http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3100 it >says >"under review"? What's this gay shit is script kiddies with XSS >getting CVE ID's to look elite? Lmfao. > >All the best, > >n3td3v CVE's are not a mark of "coolness" or interestingness, or valuable research. They are identifiers. They identify bits of information about vulnerabilities. XSS is indeed boring if its all you can churn out but that doesn't mean they shouldn't have an identifier to help exchange information among affected parties and track when different advisories may relate to the same underlying vulnerability. You don't have to care about the vulnerability, but people running the software probably do. So chill out. Huzzah! -- Explore all of Europe's beauty! Click now for great vacation packages! http://tagline.hushmail.com/fc/Ioyw6h4ePhljC9kk7tQumeqnIapJnjpN4uJzASzF3lPg2v0IRSGbTC/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists