From owner-freebsd-questions@FreeBSD.ORG Thu May 3 14:04:17 2007 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B1A0A16A402 for ; Thu, 3 May 2007 14:04:17 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from mail.potentialtech.com (internet.potentialtech.com [66.167.251.6]) by mx1.freebsd.org (Postfix) with ESMTP id 8124B13C489 for ; Thu, 3 May 2007 14:04:17 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from vanquish.pgh.priv.collaborativefusion.com (pr40.pitbpa0.pub.collaborativefusion.com [206.210.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.potentialtech.com (Postfix) with ESMTP id B3B38EBC78; Thu, 3 May 2007 10:04:16 -0400 (EDT) Date: Thu, 3 May 2007 10:04:16 -0400 From: Bill Moran To: "darshan na" Message-Id: <20070503100416.d3d714d4.wmoran@potentialtech.com> In-Reply-To: <387cde1b0705030641x6e6c2de5r4e1daa45ce74eb9a@mail.gmail.com> References: <387cde1b0705030455p39566970uf40663721eabaeea@mail.gmail.com> <20070503083845.52414031.wmoran@potentialtech.com> <387cde1b0705030641x6e6c2de5r4e1daa45ce74eb9a@mail.gmail.com> X-Mailer: Sylpheed 2.3.1 (GTK+ 2.10.11; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org Subject: Re: Hello :Regarding the vulnerability X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 May 2007 14:04:17 -0000 In response to "darshan na" : > Hi. > Thanks for the reply > I am really sorry It was my mistake for not checking properly > After reading again I have realised that you specify the impact and > workaround for FreeBSD releases and you provide links to their > sources .Please correct me if I am wrong I am new to this field . You are obviously new, but that's OK. We all start out new. First off, questions@freebsd.org is a mailing list for general discussion about FreeBSD. The fact that I responded to you post in no way identifies me as an expert that should be exclusively consulted for further information. As a result, I've added questions@freebsd.org back to the CC. The FreeBSD project maintains a truckload of mailing lists to facilitate collaboration within the community: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL Of particular interest to you might be this list: http://lists.freebsd.org/mailman/listinfo/freebsd-security Top-posting is also generally frowned apon. > I also wanted to know what features to you consider when publishing the > vulnerability Information about how the security team operates is here: http://www.freebsd.org/security/ If you have a number of questions, I expect you'll benefit from organizing them all into a single email and sending them (interview-style) to the FreeBSD security officer (listed on the previous page). Hope this helps. > On 5/3/07, Bill Moran wrote: > > > > In response to "darshan na" : > > > > > Hi , > > > I am student at one of the German Universtiy and i had a task of > > > Benchmarking the Vulenrability Providers based on the features they > > provide > > > and ,its really nice that you provide vulnerablity information in xml > > format > > > and this is really very useful to parse this information for analysis > > > i was checking your website where advisiories are present and i could > > not > > > find any risk level alloted to the vulnerability > > > It is difficult to analyse them without that , I just wanted to know is > > > there any particular reason for this > > > > Did you miss section III (called "Impact") that appears in every Advisory? > > > > -- > > Bill Moran > > http://www.potentialtech.com > > > -- Bill Moran http://www.potentialtech.com