Bugtraq mailing list archives
Re: Vulnerability Disclosure Formats (was "Re: Funny article")
From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Tue, 18 Nov 2003 18:50:53 +0100
Steven M. Christey wrote:
There are a couple proposals out there, but I don't think they've gotten as much attention as they deserve: Common Advisory Interchange Format
http://cert.uni-stuttgart.de/files/caif/requirements/split/requirements.html
Advisory and Notification Markup Language (ANML) http://www.opensec.org/anml/
I would also add to the list the EISPP Common Advisory Format Description”, (EISPP-D3-001-TR), version 1.2, 28 march 2003 http://www.eispp.org/commonformat.pdf Even if this one is slightly biased towards CERTs it could be used by vendors too. Regards Javier Fernandez-Sanguino
Current thread:
- Vulnerability Disclosure Formats (was "Re: Funny article") Steven M. Christey (Nov 14)
- Re: Vulnerability Disclosure Formats (was "Re: Funny article") Javier Fernandez-Sanguino (Nov 18)
- <Possible follow-ups>
- RE: Vulnerability Disclosure Formats (was "Re: Funny article") Russ (Nov 15)