[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] [fuzzing] NOT a 0day! Re: OWASP Fuzzing page
- To: Gadi Evron <ge@xxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] [fuzzing] NOT a 0day! Re: OWASP Fuzzing page
- From: Jerome Athias <jerome.athias@xxxxxxx>
- Date: Thu, 14 Dec 2006 14:32:11 +0100
Gadi Evron a écrit :
> On Tue, 12 Dec 2006, Joxean Koret wrote:
>
>> Wow! That's fun! The so called "Word 0 day" flaw also affects
>> OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool
>> with the file:
>>
>
> This is NOT a 0day. It is a disclosed vulnerability in full-disclosure
> mode, on a mailing list (fuzzing mailing list).
>
> I am not sure why I got this 10 times now, I thought the days of these
> bounces were over. But I am tired of seeing every full-disclosure
> vulnerability called a 0day anymore.
>
> A 0day, whatever definition you use, is used in the wild before people are
> aware of it.
It makes sense and I totally agree with you.
But the fact is that the things change (and not allways in the right
direction :-()... due to the society, money, research of popularity...
Please remember us also the sense of the word "hacker" for instance,
since nowadays it's often use to speak about "bad guy/blackhat/pirate" -
i hope you'll agree that it's not the (our) sense
/JA
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/