Hello :Regarding the vulnerability

Bill Moran wmoran at potentialtech.com
Thu May 3 14:04:17 UTC 2007 

In response to "darshan na" <darshan.na at gmail.com>:
> Hi.
> Thanks for the reply
> I am really sorry It was my mistake for not checking properly
> After reading again I have realised that you specify the impact and
> workaround for FreeBSD releases and you provide links to their
> sources .Please correct me if I am wrong I am new to this field .

You are obviously new, but that's OK.  We all start out new.

First off, questions at freebsd.org is a mailing list for general discussion
about FreeBSD.  The fact that I responded to you post in no way identifies
me as an expert that should be exclusively consulted for further
information.  As a result, I've added questions at freebsd.org back to the
CC.

The FreeBSD project maintains a truckload of mailing lists to facilitate
collaboration within the community:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL
Of particular interest to you might be this list:
http://lists.freebsd.org/mailman/listinfo/freebsd-security

Top-posting is also generally frowned apon.

> I also wanted to know what features to you consider when publishing the
> vulnerability

Information about how the security team operates is here:
http://www.freebsd.org/security/

If you have a number of questions, I expect you'll benefit from organizing
them all into a single email and sending them (interview-style) to the
FreeBSD security officer (listed on the previous page).

Hope this helps.

> On 5/3/07, Bill Moran <wmoran at potentialtech.com> wrote:
> >
> > In response to "darshan na" <darshan.na at gmail.com>:
> >
> > >  Hi ,
> > > I am student at one of the German Universtiy and i had a task of
> > > Benchmarking the Vulenrability Providers based on the features they
> > provide
> > > and ,its really nice that you provide vulnerablity information in xml
> > format
> > > and this is really very useful to parse this information for analysis
> > > i was checking your website where advisiories are present and i could
> > not
> > > find any risk level alloted to the vulnerability
> > > It is difficult to analyse them without that , I just wanted to know is
> > > there any particular reason for this
> >
> > Did you miss section III (called "Impact") that appears in every Advisory?
> >
> > --
> > Bill Moran
> > http://www.potentialtech.com
> >
> 


-- 
Bill Moran
http://www.potentialtech.com

More information about the freebsd-questions mailing list