|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
CVE-Announce e-newsletter/March 7, 2006 (opt-in newsletter from the CVE Web site)
From: CVE Announce (cve
mitre.org)
Date: Tue Mar 07 2006 - 15:46:26 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Welcome to the latest edition of the CVE-Announce e-newsletter. This
email newsletter is designed to bring recent news about CVE, such as new
versions, upcoming conferences, new Web site features, etc. right to
your emailbox. Common Vulnerabilities and Exposures (CVE) is the
standard for information security vulnerability names. CVE content
results from the collaborative efforts of the CVE Editorial Board, which
is comprised of leading representatives from the information security
community. Details on subscribing (and unsubscribing) to the email
newsletter are at the end. Please feel free to pass this newsletter on
to interested colleagues.
Comments: cvemitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/March 7, 2006
-------------------------------------------------------
Contents:
1. Feature Story
2. Also in this Issue
3. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
CVE "Editor's Commentary" Page Added to CVE Web Site
A new Editor's Commentary page has been added to the GET CVE page. The
new page includes opinion and commentary about vulnerabilities, software
assurance, and related topics by CVE List Editor Steve Christey. Posts
will be either Community Issues or CVE-Specific.
Some recent posts about Community Issues include:
* What is the state of vulnerability research? 2006-02-16.
Seven open questions to vulnerability researchers, posted on Bugtraq,
intended to encourage fruitful public discussion on the topic.
* [Full-disclosure] Open Letter on the Interpretation of "Vulnerability
Statistics", 2006-01-05.
A short paper on how to interpret vulnerability statistics. Includes a
discussion about the veracity of publicly available Refined
Vulnerability Information (RVI) sources.
* [Full-disclosure] On Interpretation Conflict Vulnerabilities,
2005-11-02. A discussion about vulnerabilities that are considered
"interpretation conflicts."
* [Full-disclosure] Why Vulnerability Databases can't do everything,
2005-07-15. Commentary on the work involved in maintaining a
vulnerability database.
Some recent posts about CVE-Specific issues include:
* Managing a Candidate Request for a New Issue, 2006-01-10
* Handling Duplicate Public CVE Identifiers, 2005-06-29
* CVE Content Decisions in Action, 2005-03-23
There is no set publication schedule so check the Editor's Commentary
page regularly for new posts. You may also contact cvemitre.org with
any comments or suggestions.
LINKS:
GET CVE - http://cve.mitre.org/cve/
Editor's Commentary page - http://cve.mitre.org/cve/edcommentary.html
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* Certificate of CVE Compatibility Awarded to CA
* Certificate of CVE Compatibility Awarded to NetClarity
* Certificate of CVE Compatibility Awarded to DragonSoft Security
Associates
* Certificate of CVE Compatibility Awarded to Information Risk
Management
* Two Certificates of CVE Compatibility Awarded to NSFOCUS Information
Technology
* Certificate of CVE Compatibility Awarded to ThreatGuard
* Certificate of CVE Compatibility Awarded to Venus Information
Technology
* FuJian RongJi Software Development Company Posts CVE Compatibility
Questionnaire
* BigFix, Inc. Makes Declaration of CVE Compatibility
* Safend Makes Four Declarations of CVE Compatibility
* CVE to Present Briefing at MISTI's "FISMA Risk Management & Compliance
Training Symposium" on March 14th
* CVE Hosts Booth at "RSA Conference 2006," February 13-17
* CVE Main Focus of Article on "VoIPLoop.com"
* CVE and OVAL Main Topics of "MITRE Digest" Article
Read these stories and more news at http://cve.mitre.org/news
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Steve Christey, Information Security Technical Center.
Writer: Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CVE
and provides impartial technical guidance to the CVE Editorial Board on
all matters related to ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email
message and copy the following text to the BODY of the message "SIGNOFF
CVE-Announce-list", then send the message to: listservlists.mitre.org.
To subscribe, send an email message to listservlists.mitre.org with the
following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2006, The MITRE Corporation. CVE and the CVE logo are
registered trademarks of The MITRE Corporation.
For more information about CVE, visit the CVE Web site at
http://cve.mitre.org or send an email to cvemitre.org.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]