funsec mailing list archives
Re: Rant: Common Malware Enumeration (CME) gets mixed reception
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 06 Oct 2005 18:19:24 +0200
For example, F-Secure mentioned that one of the newest Sober variants this morning had been assigned CME-151. Meanwhile, McAFee makes an AVERT announcement about a similar Sober variant that they feel warrants alerting their AVERT subscribers. However, if you go to the CME webpage, there is no listing for it, or any number of others.
Just like CVE, and it's not a real problem. I don't think malware life cycles are significantly shorter than vulnerability life cycles, and you can always provide local description/cross references in your own application, until the official ones are ready (the Debian testing security team does this for CVE). The real benefit is not the data MITRE provides, but the naming service. With CVE or CME, you can join information from completely different databases. For example, if you assign CVE names to your security bugs, you can automatically tell your users if they are remotely exploitable, simply by fetching the data from NVD (the NIST iCAT successor). _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Rant: Common Malware Enumeration (CME) gets mixed reception Fergie (Paul Ferguson) (Oct 06)
- Re: Rant: Common Malware Enumeration (CME) gets mixed reception Florian Weimer (Oct 06)
- Re: Rant: Common Malware Enumeration (CME) gets mixed reception Jordan Wiens (Oct 06)