[VIM] How CVE is handling the ISAKMP mess

Steven M. Christey coley at linus.mitre.org
Fri Nov 18 16:01:20 EST 2005

On Fri, 18 Nov 2005, security curmudgeon wrote:

> OSVDB did close.. one generic entry for Denial of Service, one for
> 'Unspecified' which will cover BO/FS stuff, as we get details. From there
> we'll split it out by vendor or protocol issue.

I hate splitting by "denial of service" since it's an impact (consequence)
and not a vulnerability - i.e. it gives no indication whatsoever of the
underlying fault/flaw and/or the associated attack manipulations.
"Denial of service" is the result of the exploitation of some
vulnerability - but when it's the only bit of information we have, we're
forced to use it.

One of my hopes is that "DoS" as a vulnerability concept will die a quiet
death.  Let's get to the REAL problems - how the input was malformed or
otherwise manipulated, and what errors the application made when
mis-handling the inputs.

CVE has a "dos-malformed" flaw type which is always in the top 5,
specifically because it's a super-class that has no other details.  That's
an indication of a large gap in vuln research these days.

- Steve

More information about the VIM mailing list