> If a 0 day is everything found by a security team before a vendor then the > term will loose all purpose and meaning > because almost all work done by such researchers is finding vulns. before the > vendor.
A "1-day" to an exploit for a vulnerability patched one day ago. A "2-day" exploit takes advantage of a flaw patched 2 days ago. An "0-day" is an exploit for a previously unknown vulnerability. It doesn't mean "an exploit that is widely used by bad guys." It doesn't mean "an exploit that I think is leet enough." It doesn't mean "an exploit for software that I think is relevant" Simply having or finding 0-days isn't by itself a status symbol, there are probably millions of XSS 0-days that nobody cares about. And yes, many if not most security researchers spend their time looking for 0-days. (the relevant kind) I'm sure we can find some words for an attack you care about, maybe something explaining the level of access an attack gives you, how popular the software is, whether user interaction is required, whether credentials are required, whether it is remote, and yes, whether it is patched. Maybe even tie in something like CVSS. But "0-day" only refers to whether there is a patch. And also, this is a pretty nice attack. There's just something special about exploiting hacker tools. -- scriptjunkie http://www.scriptjunkie.us/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
