| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4ef5fec60804191644u6d0bc768u947dc28c13a66e01@mail.gmail.com> Date: Sat, 19 Apr 2008 16:44:37 -0700 From: coderman <coderman@...il.com> To: n3td3v <xploitable@...il.com> Cc: n3td3v <n3td3v@...glegroups.com>, full-disclosure@...ts.grok.org.uk, Gadi Evron <ge@...uxbox.org> Subject: Re: defining 0day On Sat, Apr 19, 2008 at 3:44 PM, n3td3v <xploitable@...il.com> wrote: > ... > I just caught a news article that summed up nicely what 0day means... > > "A zero-day flaw is a software vulnerability that has become public > knowledge but for which no patch is available. It is particularly > dangerous since users are exposed from day zero until the day a vendor > prepares a patch and notifies users it is ready." this is still incorrect. as discussed previously: 0day is a perspective. if it comes from out of no where and pwns your ass, it is 0day. where you are on the vulnerability disclosure time-line determines your perspective. one man's 0day is another man's old news. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists