patch the gibson!
As a current student of Cisco's CCENT course, I would like to state that network security by design is currently being drilled deeply into my head. Currently working on VLANs, some of their attack vectors, network segregation and port security. While the SSH bugxploit is dangerous, it can be mitigated with planned out VLANs, permission levels, and/or relegating mission critical equipment configuration/modification to console only connections. While inconvenient and probably not an option in many cases ( I can't imagine management would enjoy having to send an admin cross-country to reconfigure a switch or router), security is always inverse to useability/ease-of-access.
At least the other bugs can only cause a reload of the vulnerable equipment. Yes, that can be damaging in its own way, but attackers don't have the possibility to glean sensitive network information vs the SSH authentication bug. Many of those vulnerable features can be disabled, or segregated, and having a fail-over network setup can minimize the downtime. In my opinion, at this time, a fail-over network should be running, at least the outer edges, equipment from a different vendor, and the internet facing IP should be different with DNS to help the redirection of traffic. How that might ever work in an actual large business network, let alone the acquisition, training, etc, I cannot even guess at. Ultimately if your forward facing Cisco equipment has been compromised in some way, then having a fail-over with the exact same equipment just sounds like tempting fate.
At the end of the day, a network should be like an ogre. It should have layers. We all should be a bit more concerned with that physical DoS attack wherein high voltage is fed through the Ethernet connector and gets passed around all the devices like some sort of circuit-exploding herpes.