> Yes, but I don't think RFC conformance is good enough a reason to > not fix a vulnerability. Everybody has known this for years. UDP small services should never be enabled, that's all.
Never is a strong word, they are immensly useful for many things.
