Does not measure vulnerabilities introduced by the enhancing technology
happened to Sun/Cobalt when they applied StackGuard poorly
l33t d00d reports “th1s proggie has zilli0ns of bugs” and supplies a patch, is that one vulnerability, or many?
Dependence on exploits
vulnerabilities are revealed without exploits
• Should the RV test lab create exploits?
• Should the RV test lab fix broken exploits?
Exploit success criteria
the test model
– Defcon “capture the flag” would not regard Slammer as a successful exploit because payload was not very