On Sat, May 13, 2006 at 05:35:19PM +0200, Ingo Oeser wrote:
> Hi Chris,
>
> first of all: Thanks for the good work!
>
> On Thursday, 11. May 2006 19:33, Chris Wright wrote:
> > Assigning any official severity is a bit of a slippery slope, but
> > making sure it's clear what type of issue (i.e. local DoS in this case)
> > is very reasonable.
>
> Yes, I agree.
>
> I would like to know:
> - local or remote exploitable
> - if a DoS: hang, only service failure, major slowdown
> - privilege escalation possiible and how far (valid user, root, kernel-level)
> - required privileges (root or user)
>
> That would help risk management a lot :-)
>
> If you have a lot of time: Affected software components, but these can
> be taken from the patches/commit info or CVE.
The CVE should be enough for easily getting all information you
requested.
Information whether it's a DoS or a root exploit is helpful, but any
qualified person doing risk management will anyways lookup the CVE.
> Thanks & Regards
>
> Ingo Oeser
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]