funsec mailing list archives
Re: Rant: Common Malware Enumeration (CME) gets mixed reception
From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 6 Oct 2005 16:35:05 GMT
Completely agreed -- as I mentioned earlier, it will be nice to have common naming convention cross-reference ability.

The problem here (and perhaps not really a big problem) is the target audiences are hugely different. The CVE audience is a much smaller, specialized group of people. The CME audience is a huge, public consumer audience, that is trying to make sense of the security scare tactics. ;-)

Or perhaps I'm wrong, and that isn't the target audience.... :-)

- ferg

-- Florian Weimer <fw () deneb enyo de> wrote:
For example, F-Secure mentioned that one of the newest Sober variants this morning had been assigned CME-151. Meanwhile, McAfee makes an AVERT announcement about a similar Sober variant that they feel warrants alerting their AVERT subscribers. However, if you go to the CME webpage, there is no listing for it, or any number of others.
Just like CVE, and it's not a real problem. I don't think malware life cycles are significantly shorter than vulnerability life cycles, and you can always provide local description/cross references in your own application, until the official ones are ready (the Debian testing security team does this for CVE).

The real benefit is not the data MITRE provides, but the naming service. With CVE or CME, you can join information from completely different databases. For example, if you assign CVE names to your security bugs, you can automatically tell your users if they are remotely exploitable, simply by fetching the data from NVD (the NIST iCAT successor).

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg () netzero net or fergdawg () sbcglobal net
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
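The join on a shared name that the quoted message describes, with local cross-references used until the official entry exists, as an added example that is not part of the original thread. The identifiers, the `remote` field and all records are constructed placeholders standing in for a local bug tracker and for data fetched from NVD.

```python
import re

# Constructed sample data; the identifiers are placeholders, not real CVE entries.
# Stand-in for records fetched from NVD: name -> remotely exploitable?
NVD_RECORDS = {
    "CVE-0000-0001": {"remote": True},
    "CVE-0000-0002": {"remote": False},
}
# Local cross-references kept until the official entry is published.
LOCAL_NOTES = {
    "CVE-0000-0003": {"remote": True, "note": "local triage, entry pending"},
}
# Our own bug tracker: free-text entries that mention the common name.
BUG_TRACKER = [
    {"bug": 101, "text": "Overflow in parser (CVE-0000-0001)"},
    {"bug": 102, "text": "Temp file race, see CVE-0000-0002 and CVE-0000-0003"},
    {"bug": 103, "text": "Crash on startup, no identifier assigned yet"},
]

CVE_NAME = re.compile(r"\bCVE-\d{4}-\d{4,}\b")

def lookup(name):
    """Resolve a name: official record first, then the local cross-reference."""
    if name in NVD_RECORDS:
        return {"source": "nvd", **NVD_RECORDS[name]}
    if name in LOCAL_NOTES:
        return {"source": "local", "remote": LOCAL_NOTES[name]["remote"]}
    return {"source": "unknown", "remote": None}

def annotate(bugs):
    """Join tracker entries to exploitability data using the shared name as key."""
    report = []
    for entry in bugs:
        names = CVE_NAME.findall(entry["text"])
        resolved = {n: lookup(n) for n in names}
        # A bug is flagged remote if any of its names resolves to remote=True;
        # a bug with no name at all stays None (nothing to join on).
        remote = any(r["remote"] for r in resolved.values()) if names else None
        report.append({"bug": entry["bug"], "names": names,
                       "remote": remote, "resolved": resolved})
    return report

if __name__ == "__main__":
    for row in annotate(BUG_TRACKER):
        print(row["bug"], row["names"], "remote:", row["remote"])
```

The entry without any identifier cannot be joined to either source, which is the gap a common name closes.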