28 Jul
2005
28 Jul
'05
8:26 a.m.
* Neil J. McRae:
I couldn't disagree more. Cisco are trying to control the situation as best they can so that they can deploy the needed fixes before the $scriptkiddies start having their fun. Its no different to how any other vendor handles a exploit and I'm surprised to see network operators having such an attitude.
Cisco is different in at least one regard: they only list confirmed impact, not potential impact. Thus many bugs get labeled as DoS issues, which other vendors would have described as a vulnerability which potentially enables remote code injection exploits.