[Secure-testing-team] oooold CVEs
Stefan Fritsch
sf at sfritsch.de
Mon May 22 21:12:02 UTC 2006
Hi Alec,
> CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the
> enable password in ...)
> - TODO: check
> + NOT-FOR-US: Cisco
> CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an
> attacker to cause a ...) TODO: check
You are doing really great work and, (I think) for the first time in
this year, we are actually catching up with the current issues.
However, so far we have put a cut-off at woody's release which was
mid 2002. Personally, I think there are better ways to spent your
time than on those old issues which are long fixed or have become
irrelevant.
Maybe one should remove the TODO-lines from them (I think there was
some discussion about this before). This way the webpage would give a
reasonable estimate about the number of open TODO issues, too.
What do you (and the others) think?
Cheers,
Stefan
More information about the Secure-testing-team
mailing list