All a DoS does is prove one thing: That you can field more bandwidth than your target. Unless of course it's one where you exploit the weakness of a target system (e.g. by shutting down a service deliberately using an exploit). Else, a DoS proves little.
If a DoS exposes any kind of security issue, then a global one: That there are techniques that allow you to use little bandwidth on your end to cause the other end to drown in traffic. There are a few documented ways how you could pull this off, the most trivial one would be to spoof the IP address of your target system with some server that sends back a ton of info for a tiny request. E.g, DNS. Such an attack doesn't prove that the target system is vulnerable, it proves that the DNS protocol itself is beyond repair (and yes, it is, and there are secure replacements but ... you know, it's the internet... it works, changing stuff costs money, so...).
So what does the attack prove? Well, I wish I could say it proves without a doubt that MS and Sony have a security that matches the opaqueness of an erotic dancer's dress and should up their security (well, they do, and they should, but this attack doesn't prove that). It proves that we use technology that makes such an attack not only possible but actually trivial. And that EVERY company on the net is susceptible to something like that because unlimited bandwidth does not exist.