many old IDs to reject

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

many old IDs to reject

jericho
MITRE,

I am adding the board for obvious reasons related to time-tables and
transparency. I don't expect this to be prioritized ahead of new IDs, but
this should be on your "to-do" list. Once resolved, you can simply respond
to this email with the disposition!

You have rejected some old 1999 IDs that do not meet criteria for
inclusion. e.g. http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0614

    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None.
    Reason: this candidate is solely about a configuration that does not
    directly introduce security vulnerabilities, so it is more appropriate
    to cover under the Common Configuration Enumeration (CCE). Notes: the
    former description is: "The FTP service is running."

Similar, but still active and should be REJECTed:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0636
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0548

Slightly different but essentially the same argument:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0579
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0520

Would be valid if it had actional information (e.g. vendor, product,
and/or version):

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0220

Missing provenance (Christey would be rolling in his grave):

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0285

Site-specific, likely the oldest of its kind which is interesting given
the recent discussion about including site-specific vulns:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0750

Like the above, but particularly amusing given where Web browsers are
these days =):

http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0537

.b
Loading...