Home page logo

bugtraq logo Bugtraq mailing list archives

Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page
From: Gadi Evron <ge () linuxbox org>
Date: Thu, 14 Dec 2006 07:39:35 -0600 (CST)

On Thu, 14 Dec 2006, Jerome Athias wrote:
Gadi Evron a écrit :
On Tue, 12 Dec 2006, Joxean Koret wrote:
Wow! That's fun! The so called "Word 0 day" flaw also affects
OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool
with the file:

This is NOT a 0day. It is a disclosed vulnerability in full-disclosure
mode, on a mailing list (fuzzing mailing list).

I am not sure why I got this 10 times now, I thought the days of these
bounces were over. But I am tired of seeing every full-disclosure
vulnerability called a 0day anymore.

A 0day, whatever definition you use, is used in the wild before people are
aware of it.
It makes sense and I totally agree with you.
But the fact is that the things change (and not allways in the right 
direction :-()... due to the society, money, research of popularity...
Please remember us also the sense of the word "hacker" for instance, 
since nowadays it's often use to speak about "bad guy/blackhat/pirate" - 
i hope you'll agree that it's not the (our) sense

This battle is not lost. If we call it the right name and talk to the
press using the right terms, it is not lost yet. Maybe it should be, but
it is really confusing when it gets to the professional community.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]