Valdis.Kletnieks@xxxxxx wrote: >> Two months is still recently. Think about "In recent history we invaded >> Iraq", "In recent times terrorism has become more prominent". > > The real problem here is that "0-day" originally meant "previously undisclosed > vulnerability/exploit". The term lost its usefulness when all the hacker > wannabe's started posting "I found a 0-day", when what they really had was > a "*yawn*-we've-been-waiting-18-months-for-vendor-to-fix-day". Which reminds me, I recently found a vulnerability on all open source based systems. Seems like whenever there is a program called sudo installed on the machine - any user can run a command with root privileges on that machine if sudo is properly configured to allow the user to do so. #!/bin/sh # sudUmb echo pwnd sudo shutdown now # insert one million shout outs to etards here ==================================================== J. Oquendo "Excusatio non petita, accusatio manifesta" http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E sil . infiltrated @ net http://www.infiltrated.net
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/