Full Disclosure mailing list archives
Re: Requesting/Reserving CVE Question
From: Marcus Meissner <meissner () suse de>
Date: Fri, 29 Apr 2011 08:30:52 +0200
On Thu, Apr 28, 2011 at 06:42:13PM +0300, Henri Salo wrote:
On Thu, Apr 28, 2011 at 09:14:57AM -0600, ctruncer () christophertruncer com wrote:Hello all, First off, if this isn't the place to ask this question, I apologize, and feel free to ignore this e-mail. I've found a couple vulnerabilities in a web forum/portal/etc. product called IP.Board. I was looking to reserve a CVE number, and I attempted to contact the address Mitre lists for reserving one, however, it's been nearly a month and I have not received anything back from them. This is the first vulnerability I have found, and have never requested/reserved a CVE before, so I am a little unfamiliar with the process (although based off of the following website, it looks like all I need to do is send an e-mail to them - http://cve.mitre.org/cve/obtain_id.html). I've sent follow up e-mails and I've received no response. What my question to you all is how long does this process take? Is there something else that should be done, or someone else the request should be sent to? What's time normal time frame from requesting a CVE number to hearing back from them? Thanks for any help/info/advice. I appreciate it. ChrisNo luck. With open-source you could have tried: http://oss-security.openwall.org/wiki/mailing-lists/oss-security
The oss-security list only handles opensource software, which IP.Board does not appear to be. As for Mitre, just resend the e-mail, they usually answer at some point in time. (They seem to be overworked, so its not just you.) A simple e-mail requesting one as explained in obtain_id.html should work. Ciao, Marcus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Requesting/Reserving CVE Question ctruncer (Apr 28)
- Re: Requesting/Reserving CVE Question Henri Salo (Apr 28)
- Re: Requesting/Reserving CVE Question Marcus Meissner (Apr 28)
- Re: Requesting/Reserving CVE Question Henri Salo (Apr 28)