---------- Forwarded message ---------- From: Nuno Treez <[EMAIL PROTECTED]> Date: 14-dic-2006 17:33 Subject: Re: [Full-disclosure] NOT a 0day! Re: [fuzzing] OWASP Fuzzing page To: Gadi Evron <[EMAIL PROTECTED]>
2006/12/14, Gadi Evron <[EMAIL PROTECTED]>: > > Wow! That's fun! The so called "Word 0 day" flaw also affects > > OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool > > with the file: > > This is NOT a 0day. It is a disclosed vulnerability in full-disclosure > mode, on a mailing list (fuzzing mailing list). > [...] > A 0day, whatever definition you use, is used in the wild before people are > aware of it. Agree with you, Gadi. Need to know what we are talking about. From: http://www.tech-faq.com/0-day.shtml <snip> What is 0-day? 0-day, pronounced "Zero Day" or sometimes "Oh Day", means "new." The term has it's origins in the warez scene, but has become firmly entrenched in the exploit trading scene. If a game or an exploit was release on yesterday, it is 1-day. If it was released a full week ago, it is 7-day. 0-day is used to refer to exploits released today and exploits that have not yet been released. An exploit might be 0-day to you because it was just publicly released, but two-months old to members of the group that coded the exploit. </snip> Cheers. -- Nuno Treez -- Being a pain in the Internet's ass since 1996. -- Si vis pacem para bellum. (Vegetius, Epitome rei militaris, 3. Praef.) -- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
