• Does not measure vulnerabilities introduced by the enhancing technology
  – Actually happened to Sun/Cobalt when they applied StackGuard poorly
• Counting vulnerabilities:
  – When l33t d00d reports “th1s proggie has zilli0ns of bugs” and supplies a patch, is that one vulnerability, or many?
• Dependence on exploits
  – Many vulnerabilities are revealed without exploits
    • Should the RV test lab create exploits?
    • Should the RV test lab fix broken exploits?
  – Probably yes
• Exploit success criteria
  – Depends on the test model
  – Defcon “capture the flag” would not regard Slammer as a successful exploit because payload was not very malicious