| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 12 Apr 2008 18:04:16 +0000 From: "josh" <mastahflank@...il.com> To: mastahflank@...il.com, "n3td3v" <xploitable@...il.com>, "Randal T. Rioux" <randy@...cyonlabs.com>, full-disclosure@...ts.grok.org.uk, "n3td3v" <n3td3v@...glegroups.com> Subject: Re: netdev threadjack And probably anyone else that replies to this. :) Sent from my BlackBerry® smartphone with SprintSpeed -----Original Message----- From: "josh" <mastahflank@...il.com> Date: Sat, 12 Apr 2008 17:59:19 To:"n3td3v" <xploitable@...il.com>,"Randal T. Rioux" <randy@...cyonlabs.com>,full-disclosure@...ts.grok.org.uk,"n3td3v" <n3td3v@...glegroups.com> Subject: Re: [Full-disclosure] netdev threadjack Enough, I'm filter this fuck. Sent from my BlackBerry® smartphone with SprintSpeed -----Original Message----- From: n3td3v <xploitable@...il.com> Date: Sat, 12 Apr 2008 18:17:57 To:"Randal T. Rioux" <randy@...cyonlabs.com>,full-disclosure@...ts.grok.org.uk, n3td3v <n3td3v@...glegroups.com> Subject: Re: [Full-disclosure] netdev threadjack What about Gadi Evron threadjacks? He is as bad as me: Impressive vulnerability, new. Not a 0day. Not to start an argument again, but fact is, people stop calling everything a 0day unless it is, say WMF, ANI, etc. exploited in the wild without being known. I don't like the mis-use of this buzzword. Gadi. http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/056846.html http://www.securityfocus.com/archive/1/480093/100/0/threaded Okay. I think we exhausted the different views, and maybe we are now able to come to a conlusion on what we WANT 0day to mean. What do you, as professional, believe 0day should mean, regardless of previous definitions? Obviously, the term has become charged in the past couple of years with the targeted office vulnerabilities attacks, WMF, ANI, etc. We require a term to address these, just as much as we do "unpatched vulnerability" or "fully disclosed vulnerability". What other such descriptions should we consider before proceeding? non-disclosure? Gadi. http://www.securityfocus.com/archive/1/480611/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/057005.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists