lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <DE20D559B11B214EB7DC33FF6A2EB16001EB4DD5@EX05.asurite.ad.asu.edu>
Date: Thu, 27 Sep 2007 17:20:35 -0700
From: "Marvin Simkin" <Marvin.Simkin@....edu>
To: <bugtraq@...urityfocus.com>
Subject: RE: defining 0day

> Unpatched Vulnerability: Working Exploit

"Working in a white hat's lab" is not as urgent as "being abused right now in the wild".

> . . . or maybe "zero day exploit".

Proposed:

1. A 0-day EXPLOIT is an Unpatched Vulnerability that we realize is being or has been abused.

2. A 0-day VULNERABILITY: no such thing. All vulnerabilities are either Unpatched or Patched. They start out in Unpatched status the moment some programmer creates them. They remain Unpatched until they are Patched.

-------------------------------------
Marvin Simkin
Manager of Information Technology
School of Earth and Space Exploration
Arizona State University
http://simkin.asu.edu/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ