lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 19 Mar 2015 07:26:09 -0400
From: Daniel Wood <daniel.wood@...sp.org>
To: James Hooker <seidrhrafn@...glemail.com>
Cc: XiaopengZhang <tfrist@...h.net>,
	"cve-assign@...re.org" <cve-assign@...re.org>,
	"fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: Re: [FD] Regarding how can I request a CVE number?

Unfortunately, this has been happening to many people within the last year. 

My suggestion is to assign your own numbering schema to them and post the details. If they gain momentum then you may get one assigned anyway if it's serious enough. 

Sent from my iPhone

> On Mar 18, 2015, at 6:32 AM, James Hooker <seidrhrafn@...glemail.com> wrote:
> 
> Hi XZ,
> 
> I managed to get a number of CVEs last year, but towards the end of the
> year they simply stopped replying, so I've given up. Whether they stopped
> replying due to work load, or whether my submissions were not up to their
> requirements I'm not sure.
> 
> If you find out any more, I'd be interested in knowing why they've stopped
> assigning CVEs to certain submission sources.
> 
> Kind regards,
> James H
> 
>> On Tue, Mar 17, 2015 at 11:25 PM, XiaopengZhang <tfrist@...h.net> wrote:
>> 
>> Hi Guys,
>> 
>> I discovered several Vuls and have reported them to the vendors, so I'd
>> like to request the CVE for them.(The vendor did not want to request CVE)
>> 
>> I ever sent some emails to cve-assign@...re.org for applying for CVE.
>> But so far still nobody replys them. I dont know what happend about this
>> email box.
>> Is my email recognised as spam? Or do I need write the email content in a
>> special format?
>> 
>> So please, can somebody here help me?
>> Thanks
>> 
>> Best wishes,
>> XZ
>> 
>> _______________________________________________
>> Sent through the Full Disclosure mailing list
>> https://nmap.org/mailman/listinfo/fulldisclosure
>> Web Archives & RSS: http://seclists.org/fulldisclosure/
> 
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ