lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 14 Dec 2006 17:35:49 +0100
From: "Nuno Treez" <>
To: "Full Disclosure" <>
Subject: Fwd: NOT a 0day! Re: [fuzzing] OWASP Fuzzing page

---------- Forwarded message ----------
From: Nuno Treez <>
Date: 14-dic-2006 17:33
Subject: Re: [Full-disclosure] NOT a 0day! Re: [fuzzing] OWASP Fuzzing page
To: Gadi Evron <>

2006/12/14, Gadi Evron <>:

> > Wow! That's fun! The so called "Word 0 day" flaw also affects
> >! At least, 1.1.3. And, oh! Abiword does something cool
> > with the file:
> This is NOT a 0day. It is a disclosed vulnerability in full-disclosure
> mode, on a mailing list (fuzzing mailing list).
> A 0day, whatever definition you use, is used in the wild before people are
> aware of it.

Agree with you, Gadi. Need to know what we are talking about.



What is 0-day?

0-day, pronounced "Zero Day" or sometimes "Oh Day", means "new."
The term has it's origins in the warez scene, but has become firmly
entrenched in the exploit trading scene.
If a game or an exploit was release on yesterday, it is 1-day. If it
was released a full week ago, it is 7-day.
0-day is used to refer to exploits released today and exploits that
have not yet been released.
An exploit might be 0-day to you because it was just publicly
released, but two-months old to members of the group that coded the


Nuno Treez
Being a pain in the Internet's ass since 1996.
Si vis pacem para bellum. (Vegetius, Epitome rei militaris, 3. Praef.)

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists