A buffer overflow is a particular kind of security bug. Not all security bugs are buffer overflows.
An exploit is a program written to expose or take advantage of a security bug.
You would use an exploit on your own (non-production) system to check whether a particular setup was vulnerable to the attack it was testing. You would then know what effect that exploit would have if it were run by an attacker against your production system, and if necessary you would patch it. You could then try it again after it was patched to make sure the patch actually worked.
Exploit refers to a bug that can potentially give access to an attacker?
That's when they refer to a bug as exploitable?
Someone correct me if I'm wrong?
When you connect to your ISP, you are potentially opening your computer to the world. There are 'naughty people' out there who enjoy breaking into other people's computers. Give some thought to the security of your computer... http://www.AntiOnline.com/sig.php?imageid=360