<<< Date Index >>>     <<< Thread Index >>>

Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page



Gadi Evron a écrit :
On Tue, 12 Dec 2006, Joxean Koret wrote:
Wow! That's fun! The so called "Word 0 day" flaw also affects
OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool
with the file:

This is NOT a 0day. It is a disclosed vulnerability in full-disclosure
mode, on a mailing list (fuzzing mailing list).

I am not sure why I got this 10 times now, I thought the days of these
bounces were over. But I am tired of seeing every full-disclosure
vulnerability called a 0day anymore.

A 0day, whatever definition you use, is used in the wild before people are
aware of it.
It makes sense and I totally agree with you.
But the fact is that the things change (and not allways in the right direction :-()... due to the society, money, research of popularity... Please remember us also the sense of the word "hacker" for instance, since nowadays it's often use to speak about "bad guy/blackhat/pirate" - i hope you'll agree that it's not the (our) sense

/JA