Bugtraq mailing list archives

RE: defining 0day

From: "Marvin Simkin" <Marvin.Simkin () asu edu>
Date: Thu, 27 Sep 2007 17:20:35 -0700

Unpatched Vulnerability: Working Exploit


"Working in a white hat's lab" is not as urgent as "being abused right now in the wild".

. . . or maybe "zero day exploit".


Proposed:

1. A 0-day EXPLOIT is an Unpatched Vulnerability that we realize is being or has been abused.

2. A 0-day VULNERABILITY: no such thing. All vulnerabilities are either Unpatched or Patched. They start out in 
Unpatched status the moment some programmer creates them. They remain Unpatched until they are Patched.

-------------------------------------
Marvin Simkin
Manager of Information Technology
School of Earth and Space Exploration
Arizona State University
http://simkin.asu.edu/

Current thread:

Re: defining 0day, (continued)
- - - Re: defining 0day Gadi Evron (Sep 25)
    - Re: defining 0day Brian Loe (Sep 25)
    - Re: defining 0day Adrian Griffis (Sep 25)
    - Re: defining 0day Brian Loe (Sep 25)
    - Re: defining 0day Andrew Weaver (Sep 25)
    - RE: defining 0day David Gillett (Sep 25)
    - Re: defining 0day Charles Miller (Sep 25)
    - Re: defining 0day Gadi Evron (Sep 25)
    - Re: defining 0day Zow (Sep 27)
    - Re: defining 0day Chad Perrin (Sep 27)
    - RE: defining 0day Marvin Simkin (Sep 28)
    - Re: defining 0day Chad Perrin (Sep 28)
    - Re: 0day: PDF pwns Windows Steve Shockley (Sep 25)
    - Re: 0day: PDF pwns Windows Iggy E (Sep 25)
- Re: 0day: PDF pwns Windows Aditya K Sood (Sep 20)
  - Re: 0day: PDF pwns Windows pdp (architect) (Sep 20)
    - Message not available
    - Re: 0day: PDF pwns Windows pdp (architect) (Sep 21)
- Re: [Full-disclosure] 0day: PDF pwns Windows Thierry Zoller (Sep 21)
  - Re: [Full-disclosure] 0day: PDF pwns Windows Kevin Finisterre (lists) (Sep 21)
  - Re: [Full-disclosure] 0day: PDF pwns Windows Aaron Collins (Sep 21)
- Re: Re: 0day: PDF pwns Windows rmk115 (Sep 21)

(Thread continues...)