Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: defining 0day
From: Chad Perrin <perrin () apotheon com>
Date: Thu, 27 Sep 2007 12:34:44 -0600
On Thu, Sep 27, 2007 at 05:20:35PM -0700, Marvin Simkin wrote:

Unpatched Vulnerability: Working Exploit


"Working in a white hat's lab" is not as urgent as "being abused right now in the wild".


. . . or maybe "zero day exploit".


Proposed:

1. A 0-day EXPLOIT is an Unpatched Vulnerability that we realize is being or has been abused.

2. A 0-day VULNERABILITY: no such thing. All vulnerabilities are either Unpatched or Patched. They start out in 
Unpatched status the moment some programmer creates them. They remain Unpatched until they are Patched.



That was pretty much my point -- so I'm on board.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Leon Festinger: "A man with a conviction is a hard man to change. Tell him
you disagree and he turns away. Show him facts and figures and he questions
your sources. Appeal to logic and he fails to see your point."

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]