[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [TECH] High-level candidates for recent SNMP problems



Since we (eSO) are dealing with all of the same issues that Steve
mentioned, I'll add my comments.  We released one initial advisory
asap to alert our customers.  Moving forward though, we will be
adding additional advisories for each vendor, vulnerability, or
codebase as the information becomes available.

I understand the potential magnitude of these decisions for us,
but since we have access to considerable cycles, we feel that it
is necessary (as always) to Do The Right Thing.

Regards,
ken

p.s.  Who wants to meet for drinks at CodeCon this weekend or RSA
next week?

Ken Williams ; Technical Lead ; ken.williams@ey.com
eSecurityOnline - an eSecurity Venture of Ernst & Young
ken.williams@ey.com ; www.esecurityonline.com ; 1-877-eSecurity




                    Shawn Hernan <svh@CERT.ORG>
                    Sent by:                                    To:
David LeBlanc <dleblanc@MICROSOFT.COM>
                    owner-cve-editorial-board-list@lists        cc:
"Steven M. Christey" <coley@LINUS.MITRE.ORG>,
                    .mitre.org
<cve-editorial-board-list@lists.mitre.org>, (bcc: Ken
Williams/AABS/EYLLP/US)
                                                                Subject:
RE: [TECH] High-level candidates for recent SNMP problems

                    02/12/2002 10:51 PM






> IMHO, I'd put the 2 CANs you've got through and call it a day. You've
> got better things to do with your time than try and sort all this out.

As a pragmatic matter, I'm inclined to agree, though I have a tremendous
intellectual curiosity.

Shawn






______________________________________________________________________
The information contained in this message may be privileged and
confidential and protected from disclosure.  If the reader of this message
is not the intended recipient, or an employee or agent responsible for
delivering this message to the intended recipient, you are hereby notified
that any dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this communication in error,
please notify us immediately by replying to the message and deleting it
from your computer.  Thank you.  Ernst & Young LLP

Page Last Updated or Reviewed: May 22, 2007