Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: 0-day "vulnerability"
From: Curt Purdy <infosysec () gmail com>
Date: Thu, 28 Oct 2010 12:31:34 -0400

OK, good points.

And since my mac dictionary widget doesn't have the term yet, I vote
for "0day dis" It has a nice ring to it ;)

Curt


On Thu, Oct 28, 2010 at 12:24 PM,  <w0lfd33m () gmail com> wrote:
Yep. Totally agree. Vulnerability exists in the system since it has been developed. It is just the matter when it has 
been disclosed or being exploited.

I would suggest " 0 day disclosure" instead of "0 day vulnerability" :)


------Original Message------
From: Curt Purdy
Sender: full-disclosure-bounces () lists grok org uk
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] 0-day "vulnerability"
Sent: Oct 28, 2010 8:48 PM

Sorry to rant, but I have seen this term used once too many times to
sit idly by. And used today by what I once thought was a respectable
infosec publication (that will remain nameless) while referring to the
current Firefox vulnerability (that did, by the way, once have a 0-day
sploit)  Also, by definition, a 0-day no longer exists the moment it
is announced ;)

For once and for all: There is no such thing as a "zero-day
vulnerability" (quoted), only a 0-day exploit...

Curt Purdy CISSP, GSNA, GSEC, MCSE+I, CCNA

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Sent from BlackBerry® on Airtel

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault