nanog mailing list archives
RE: Cisco IOS Exploit Cover Up
From: "Hannigan, Martin" <hannigan () verisign com>
Date: Thu, 28 Jul 2005 00:22:37 -0400
..and of course: "Cisco Denies Router Vulnerability Claims" [snip]
Of course. That's how a broken vuln system works. :-) The major flaw is that the vendor decides who gets to know about a vulnerability. This causes an insecurity in "the system" because $vendor is dealing with people usually more qualified than themselves to make a decision on who needs to know and make one independant of revenue<-- . $vendor is probably not the best person to decide who gets on the secret-15 lists et. al. -M<
Current thread:
- Re: Cisco IOS Exploit Cover Up, (continued)
- Re: Cisco IOS Exploit Cover Up Jared Mauch (Jul 28)
- Re: Cisco IOS Exploit Cover Up Stephen Sprunk (Jul 28)
- RE: Cisco IOS Exploit Cover Up Fergie (Paul Ferguson) (Jul 27)
- Re: Cisco IOS Exploit Cover Up Gordon Cook (Jul 27)
- RE: Cisco IOS Exploit Cover Up Fergie (Paul Ferguson) (Jul 27)
- Re: Cisco IOS Exploit Cover Up Jeff Kell (Jul 27)
- Re: Cisco IOS Exploit Cover Up Daniel Golding (Jul 27)
- Re: Cisco IOS Exploit Cover Up Network Fortius (Jul 27)
- Re: Cisco IOS Exploit Cover Up Jason Frisvold (Jul 28)
- Re: Cisco IOS Exploit Cover Up Dan Hollis (Jul 28)
- Re: Cisco IOS Exploit Cover Up Jeff Kell (Jul 27)
- Re: Cisco IOS Exploit Cover Up Florian Weimer (Jul 28)
- RE: Cisco IOS Exploit Cover Up Geo. (Jul 28)
- RE: Cisco IOS Exploit Cover Up Randy Bush (Jul 28)
- RE: Cisco IOS Exploit Cover Up John A. Kilpatrick (Jul 28)
- Re: Cisco IOS Exploit Cover Up James Baldwin (Jul 28)
- Re: Cisco IOS Exploit Cover Up Randy Bush (Jul 28)
- Re: Cisco IOS Exploit Cover Up James Baldwin (Jul 28)