Dailydave mailing list archives

The strategic difference of 0day

From: Dave Aitel <dave () immunityinc com>
Date: Tue, 14 Jun 2011 17:08:48 -0400

If you were building a scanner today that probed the whole "interesting"
Internet, you may or may not find that there are any good remotely
exploitable vulnerabilities. Now, of course you will find lots of PHP
bugs, SQL Injections, and other web-related things. Apparently you can
own senate.gov with such things, or PBS.org, or Sony.

But if you're old like the hills, you may remember a day when you could
overflow things like Apache and IIS, and RPC services were accessible,
and FTP servers in common use had 0day in them. And of course, there
were weirder bugs - web proxy bugs, firewall bugs, MTA bugs, SQL Server
bugs, etc.

But take today's Microsoft Tuesday patches
<http://www.microsoft.com/technet/security/bulletin/ms11-jun.mspx>, or
even the last 20 month's of Microsoft Tuesday patches, and find me *one*
good remote. *Nothing*, right? MS08_067 is the last worthy thing in your
toolbox? From three years ago?

And you find yourself asking: /Now how can that possibly be the case?/

-dave

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Current thread:

The strategic difference of 0day Dave Aitel (Jun 14)
- Re: The strategic difference of 0day Anton Chuvakin (Jun 14)
  - Re: The strategic difference of 0day Rafal Los (Jun 15)
    - Re: The strategic difference of 0day Andre Gironda (Jun 15)
  - Re: The strategic difference of 0day security curmudgeon (Jun 15)
- Re: The strategic difference of 0day Robert Lemos (Jun 15)