Full Disclosure mailing list archives

Re: defining 0day

From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 25 Sep 2007 14:20:52 -0700

What do you, as professional, believe 0day should mean, 
regardless of previous definitions?


  I think there is some slight residual usefulness to designating
vulnerabilities whose first public disclosure results from
discovery/analysis of an active exploit already "in the wild".  ("0 days"
thus being the elapsed time from public disclosure of the vulnerability to
appearance of a live threat exploiting it, a characteristic which an unknown
vulnerability may only aspire to, and a patched one may never live down.)

David Gillett




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: defining 0day, (continued)
- - - Re: defining 0day Brian Loe (Sep 25)
    - Re: defining 0day Epic (Sep 25)
    - Re: defining 0day Adrian Griffis (Sep 25)
    - Re: defining 0day Brian Loe (Sep 25)
    - Re: defining 0day Andrew Weaver (Sep 25)
    - Re: defining 0day don bailey (Sep 25)
    - Re: defining 0day Charles Miller (Sep 25)
    - Re: defining 0day Gadi Evron (Sep 25)
    - Re: defining 0day scott (Sep 25)
    - Re: defining 0day Zow (Sep 27)
    - Re: defining 0day David Gillett (Sep 25)
    - Re: defining 0day evilrabbi (Sep 26)
    - defining 0day Gadi Evron (Sep 25)
    - Re: defining 0day Juergen Marester (Sep 25)
    - Re: defining 0day Juergen Marester (Sep 25)
    - Re: 0day: PDF pwns Windows Lawrence Paul MacIntyre (Sep 25)
    - Re: 0day: PDF pwns Windows Crispin Cowan (Sep 25)
    - Re: 0day: PDF pwns Windows J. Oquendo (Sep 25)
    - Re: 0day: PDF pwns Windows Jason (Sep 25)
    - Re: 0day: PDF pwns Windows J. Oquendo (Sep 25)
    - Re: 0day: PDF pwns Windows Valdis . Kletnieks (Sep 25)

(Thread continues...)