http://oss-security.openwall.org/wiki/ 2010-09-08T05:25:10-07:00 FeedCreator 1.7.2-ppt DokuWiki 2008-03-27T17:26:59-07:00 2008-03-27T17:26:59-07:00 2008-03-27T17:26:59-07:00 http://oss-security.openwall.org/wiki/disclosure/cve?rev=1206664019

CVE CVE ids are a unique identifier given to security flaws. The CVE FAQ describes it best A1. What is CVE? CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, repositories, and services) with this "common enumeration." Obtaining a CVE id Please see the FAQ:

2008-02-25T06:14:36-07:00 2008-02-25T06:14:36-07:00 2008-02-25T06:14:36-07:00 http://oss-security.openwall.org/wiki/disclosure/project?rev=1203948876

Project Disclosure All software contains bugs. A subset of those bugs are security flaws that allows a malicious individual to cause software to do something it shouldn't do. The best example of this is when a remote attacker leverages a flaw in a public facing service (web server or mail server for example), which then allows them access to machine resources.

2008-05-22T22:50:39-07:00 2008-05-22T22:50:39-07:00 2008-05-22T22:50:39-07:00 http://oss-security.openwall.org/wiki/disclosure/researcher?rev=1211521839

Researchers have an especially unique challenge when reporting flaws in Open Source Software. There are countless groups that the flaw could be reported to, and many of them don't have any sort of formal security contact. The purpose of this guide is to help give unfamiliar Researchers guidance when reporting security flaws they find in Open Source Software.