Hosting Provided By

Re: defining 0day

From: Chad Perrin <perrin(at)apotheon.com>
Date: Thu Sep 27 2007 - 14:34:44 EDT

On Thu, Sep 27, 2007 at 05:20:35PM -0700, Marvin Simkin wrote:
> > Unpatched Vulnerability: Working Exploit
>
> "Working in a white hat's lab" is not as urgent as "being abused right now in the wild".
>
> > . . . or maybe "zero day exploit".
>
> Proposed:
>
> 1. A 0-day EXPLOIT is an Unpatched Vulnerability that we realize is being or has been abused.
>
> 2. A 0-day VULNERABILITY: no such thing. All vulnerabilities are either Unpatched or Patched. They start out in Unpatched status the moment some programmer creates them. They remain Unpatched until they are Patched.
>

That was pretty much my point -- so I'm on board.

-- 
CCD CopyWrite Chad Perrin [ 
http://ccd.apotheon.org ]
Leon Festinger: "A man with a conviction is a hard man to change. Tell him
you disagree and he turns away. Show him facts and figures and he questions
your sources. Appeal to logic and he fails to see your point."

Received on Fri Sep 28 13:16:16 2007

This message: [ Message body ]
Next message: Tony Rall: "Re: 0trace - traceroute on established connections"
Previous message: tyter9(at)gmail.com: "Re: 0trace - traceroute on established connections"
In reply to: Marvin Simkin: "RE: defining 0day"
Next in thread: Steve Shockley: "Re: 0day: PDF pwns Windows"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:18:31 EDT