[VIM] How CVE is handling the ISAKMP mess
Steven M. Christey
coley at linus.mitre.org
Fri Nov 18 16:01:20 EST 2005
On Fri, 18 Nov 2005, security curmudgeon wrote:
> OSVDB did close.. one generic entry for Denial of Service, one for
> 'Unspecified' which will cover BO/FS stuff, as we get details. From there
> we'll split it out by vendor or protocol issue.
I hate splitting by "denial of service" since it's an impact (consequence)
and not a vulnerability - i.e. it gives no indication whatsoever of the
underlying fault/flaw and/or the associated attack manipulations.
"Denial of service" is the result of the exploitation of some
vulnerability - but when it's the only bit of information we have, we're
forced to use it.
One of my hopes is that "DoS" as a vulnerability concept will die a quiet
death. Let's get to the REAL problems - how the input was malformed or
otherwise manipulated, and what errors the application made when
mis-handling the inputs.
CVE has a "dos-malformed" flaw type which is always in the top 5,
specifically because it's a super-class that has no other details. That's
an indication of a large gap in vuln research these days.
More information about the VIM