Uploading content for Cisco IOS

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Uploading content for Cisco IOS

Evgeniy Pavlov
Hi, Community!
We have found some vulnerability definitions at http://tools.cisco.com/security/center/publicationListing.x. That's the official repository which is presents here http://oval.mitre.org/repository/about/other_repositories.html#Cisco. Analysing that OVAL-content showed it doesn't pass the schematron validation. The typical problems are:
1) Missed descriptions
2) Missed reference_url
3) Excess "AND" operator in the root criteria tag
4) Rather formal titles, some missed comments, etc.
We're going to fix that content and share it with MITRE Repository to make the set of IOS vulnerability definitions in MITRE repository completed at this time.
How do you think, is that work useful? Is it correct to remake and adopt that content to the MITRE repository? We have also send similar request to the Cisco support team and want to get opinions from both sides :)

-------
Evgeniy Pavlov,
SCAP-developer
Phone: +7(495)543-31-01 ext. 20
http://www.altex-soft.com/

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Evgeniy Pavlov ALTEX-SOFT