[VIM] How CVE is handling the ISAKMP mess

security curmudgeon jericho at attrition.org
Fri Nov 18 15:48:25 EST 2005


: FYI.  For the ISAKMP PROTOS mess, I've decided to create 3 generic CANs 
: - one for "denial of service," one for format strings, and one for 
: buffer overflows - then create specific CANs for specific 
: implementations when available.  One problem with this is that most 
: vendors probably won't provide enough details to know which type of 
: issue they're vulnerable to.  Cisco just said "denial of service" but 
: one wonders if they're vulnerable to buffer overflows and are assuming 
: that their newfangled overflow protection is just a DoS, but I digress.

OSVDB did close.. one generic entry for Denial of Service, one for 
'Unspecified' which will cover BO/FS stuff, as we get details. From there 
we'll split it out by vendor or protocol issue.



More information about the VIM mailing list