lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1959724226-1288283034-cardhu_decombobulator_blackberry.rim.net-501834077-@bda309.bisx.produk.on.blackberry>
Date: Thu, 28 Oct 2010 16:24:50 +0000
From: w0lfd33m@...il.com
To: "Curt Purdy" <infosysec@...il.com>,
	full-disclosure-bounces@...ts.grok.org.uk,
	full-disclosure@...ts.grok.org.uk
Subject: Re: 0-day "vulnerability"

Yep. Totally agree. Vulnerability exists in the system since it has been developed. It is just the matter when it has been disclosed or being exploited. 

I would suggest " 0 day disclosure" instead of "0 day vulnerability" :)


------Original Message------
From: Curt Purdy
Sender: full-disclosure-bounces@...ts.grok.org.uk
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] 0-day "vulnerability"
Sent: Oct 28, 2010 8:48 PM

Sorry to rant, but I have seen this term used once too many times to
sit idly by. And used today by what I once thought was a respectable
infosec publication (that will remain nameless) while referring to the
current Firefox vulnerability (that did, by the way, once have a 0-day
sploit)  Also, by definition, a 0-day no longer exists the moment it
is announced ;)

For once and for all: There is no such thing as a "zero-day
vulnerability" (quoted), only a 0-day exploit...

Curt Purdy CISSP, GSNA, GSEC, MCSE+I, CCNA

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Sent from BlackBerry® on Airtel
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ