Bug severity for substantial DoS vulnerability

To: debian-security@lists.debian.org
Subject: Bug severity for substantial DoS vulnerability
From: Florian Weimer <fw@deneb.enyo.de>
Date: Wed, 16 Apr 2003 20:10:10 +0200
Message-id: <[🔎] 873ckipb3x.fsf@deneb.enyo.de>
Mail-followup-to: debian-security@lists.debian.org

What's the correct severity for substantial DoS vulnerabilities?

Substantial DoS vulnerabilities enable attackers to make a system
completely unusable, with little effort (say, a stream of a few
hundred small packets per second).

If I read the guidelines correctly, it's either "important" or
"grave".  Is "grave" acceptable?

Reply to:

Follow-Ups:
- Re: Bug severity for substantial DoS vulnerability
  - From: Jamie Heilman <jamie@audible.transient.net>

Prev by Date: RE: SANS Alert - Snort Vulnerability - stil Vulnerabile ?
Next by Date: Re: VPN: SSH or IPSec???
Previous by thread: Re: VPN: SSH or IPSec???
Next by thread: Re: Bug severity for substantial DoS vulnerability
Index(es):
- Date
- Thread