"Things to note: Lynn and ISS contacted Cisco about this vulnerability in April and it was fixed. Vulnerable versions are no longer available from Cisco. Cisco and ISS both initially support Lynn's presentation at Black Hat. Cisco had, initially, commited to sending a representative to corraborate Lynn's findings. Lynn had been planning to give this presentation since then, which was months in advance, with the consent of both ISS and Cisco.
"On Monday before the conference Cisco and ISS decided to pull the presentation with vague reasons given. This prompted the actions by Lynn on Wednesday, resignation and release.
"It is important to note and propogate that Lynn did go through the corrrect channels for release: he contacted the vendor, the vendor issued a fix. At this point, normally, public release would be allowed and expected."