Full Disclosure mailing list archives
Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities
From: Jason <security () brvenik com>
Date: Sat, 24 Jun 2006 15:29:18 -0400
David Taylor wrote:
I surely didn't intend for this thread to end up going in the direction it did. I was basically just trying to say I am concerned with the numerous advisory/exploit release on the same day. No matter what the reason. And perhaps there still isn't a definition of 0-day that everyone agrees on. I basically understand it the way wikipedia has it listed.
There are several interpretations of 0-day but the basic theme is that an 0-day is better than a NO-day. For the normal people in the world that simply want to be able to go to work and make some money it can be inconvenient. The fact remains that everyone has the ability to respond in a way that is appropriate once an issue is known. Not disclosing the issue, even if the vendor has patched it, does not help. The entities that intend on exploiting vulnerabilities are fully capable of reversing a patch and discovering the vulnerability. In days past a vulnerability may have gone completely unnoticed and patched in due time as a bug; the vulnerability still existed. I would argue that the number of vulnerabilities discovered has not really increased but awareness certainly has. The composition of vulnerability disclosures has also changed but the overall number when compared to impact is not significantly different. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities, (continued)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities David Taylor (Jun 23)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities Gadi Evron (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities David Taylor (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities Gadi Evron (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities David Taylor (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities Gadi Evron (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Morning Wood (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Jason (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Valdis . Kletnieks (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities David Taylor (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Jason (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities Gadi Evron (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Jason (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities Morning Wood (Jun 24)
- Re: Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities David Taylor (Jun 23)