Full Disclosure mailing list archives
Re: 0day: PDF pwns Windows
From: Lawrence Paul MacIntyre <macintyrelp () ornl gov>
Date: Tue, 25 Sep 2007 15:12:23 -0400
Daylight come and me wanna go home... This one time, at band camp, Thor (Hammer of God) wrote:
For the record, the original term "O-Day" was coined by a dyslexic security engineer who listened to too much Harry Belafonte while working all night on a drink of rum. It's true. Really. t-----Original Message----- From: Roland Kuhn [mailto:rkuhn () e18 physik tu-muenchen de] Sent: Tuesday, September 25, 2007 10:58 AM To: Lamont Granquist Cc: Chad Perrin; Crispin Cowan; Casper.Dik () Sun COM; Gadi Evron; pdp (architect); bugtraq () securityfocus com; full- disclosure () lists grok org uk Subject: Re: 0day: PDF pwns Windows On 25 Sep 2007, at 00:57, Lamont Granquist wrote:The exploit is not made public by its use. The exploit is not even made public by (back-channel) sharing amongst the hacker/cracker community. The exploit is only made public if detected or the vulnerability is disclosed. Until detected/disclosed the hacker/ cracker can use their 31337 0day spl01tz to break into whichever vulnerable machines they like. 0day exploits are valuable becausetheopposition is ignorant of them. Posting exploits to BUGTRAQ, however, inherently makes them not 0day...And my ignorant self thought until this thread that the "0" in thetermreferred to the number of days of head start granted to the vendor. Silly me. Because that would make all vulnerabilities publishedwithoutprior warning to the vendor a "0day"... Roland (who seems to remember that this was once the meaning of this term)
-- Lawrence MacIntyre 865.574.8696 macintyrelp () ornl gov Oak Ridge National Laboratory Cyber Security and Information Infrastructure Research Group Protect your digital freedom and privacy, eliminate DRM. Learn more at http://www.defectivebydesign.org/what_is_drm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: defining 0day, (continued)
- Re: defining 0day don bailey (Sep 25)
- Re: defining 0day Charles Miller (Sep 25)
- Re: defining 0day Gadi Evron (Sep 25)
- Re: defining 0day scott (Sep 25)
- Re: defining 0day Zow (Sep 27)
- Re: defining 0day David Gillett (Sep 25)
- Re: defining 0day evilrabbi (Sep 26)
- defining 0day Gadi Evron (Sep 25)
- Re: defining 0day Juergen Marester (Sep 25)
- Re: defining 0day Juergen Marester (Sep 25)
- Re: 0day: PDF pwns Windows Lawrence Paul MacIntyre (Sep 25)
- Re: 0day: PDF pwns Windows Crispin Cowan (Sep 25)
- Re: 0day: PDF pwns Windows J. Oquendo (Sep 25)
- Re: 0day: PDF pwns Windows Jason (Sep 25)
- Re: 0day: PDF pwns Windows J. Oquendo (Sep 25)
- Re: 0day: PDF pwns Windows Valdis . Kletnieks (Sep 25)
- Re: 0day: PDF pwns Windows Gadi Evron (Sep 25)
- Re: 0day: PDF pwns Windows Jason (Sep 25)
- Re: 0day: PDF pwns Windows North, Quinn (Sep 25)
- Re: 0day: PDF pwns Windows Steven Adair (Sep 25)
- Re: 0day: PDF pwns Windows Gadi Evron (Sep 25)