Re: Bug severity for substantial DoS vulnerability

To: debian-security@lists.debian.org
Subject: Re: Bug severity for substantial DoS vulnerability
From: Jamie Heilman <jamie@audible.transient.net>
Date: Wed, 16 Apr 2003 12:39:48 -0700
Message-id: <[🔎] 20030416193948.GF2286@audible.transient.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 873ckipb3x.fsf@deneb.enyo.de>
References: <[🔎] 873ckipb3x.fsf@deneb.enyo.de>

Florian Weimer wrote:
> What's the correct severity for substantial DoS vulnerabilities?

I'd gauge it a little based on how popular the software is in the
vulnerable configuration (which is something of a crapshoot).  Sounds
like you're talking about remotely exploitable as well, which I guess
earns it a bonus point.

-- 
Jamie Heilman                   http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
 to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
 I liked you better when you weren't saying squat kid."	-Buddy

Reply to:

References:
- Bug severity for substantial DoS vulnerability
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: VPN: SSH or IPSec???
Next by Date: Re: [despammed] Re: VPN: SSH or IPSec???
Previous by thread: Bug severity for substantial DoS vulnerability
Next by thread: CORE - Snort stream4 pre-processor Integer Overflow
Index(es):
- Date
- Thread