Re: Vulnerabilities in some SCADA server softwares

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: Vulnerabilities in some SCADA server softwares
From: Theo de Raadt <deraadt@xxxxxxxxxxxxxxx>
Date: Wed, 23 Mar 2011 12:13:18 -0600
Cc: "'Luigi Auriemma'" <aluigi@xxxxxxxxxxxxx>, "'Michal Zalewski'" <lcamtuf@xxxxxxxxxxx>, "'J. Oquendo'" <sil@xxxxxxxxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: Your message of "Wed, 23 Mar 2011 10:03:22 PDT." <00b001cbe97c$37aa5f40$a6ff1dc0$@isatools.org>

> If *any* threat exists,
> that threat is increased by public exposure of unmitigated attack
> methodology

I think you have it wrong.

Public exposure increases the visibility, and therefore customers
install the patches quicker.

Without public visibility, they will keep running the old code.

Follow-Ups:
- Re: Vulnerabilities in some SCADA server softwares
  - From: CJC
- Re: Vulnerabilities in some SCADA server softwares
  - From: bugtraq
- Re: Vulnerabilities in some SCADA server softwares
  - From: J. Oquendo

References:
- RE: Vulnerabilities in some SCADA server softwares
  - From: Jim Harrison

Prev by Date: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability
Next by Date: Re: Vulnerabilities in some SCADA server softwares
Previous by thread: RE: Vulnerabilities in some SCADA server softwares
Next by thread: Re: Vulnerabilities in some SCADA server softwares
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux