BugTraq Traq
BugTraq is a mailing list devoted to open ("full disclosure") discussion
of security holes and exploits. Various groups post exploits they've
found in software (or sometimes hardware), and most of the major software/hardware
vendors post announcements and updates for their own bugs. (To subscribe,
email listserv@netspace.org)
Robey posts weekly summaries of the mailing list here, on Bugtraq Traq.
The focus is more on how the exploits work, so we can learn stuff
about the kinds of problems that are showing up. This means that
unless the security hole is interesting, it will probably just be mentioned
in passing. (For instance, all buffer overflows are listed at the
bottom in a quick list; it's assumed that everyone knows what a buffer
overflow is and how common and avoidable they are.) Also, no real
attempt is made to follow up on previous bugs -- presumably if you care
deeply about a bug, you will follow up directly with the vendor.
-
#1, week of 05 oct
1998
-
#2, week of 12
oct 1998
-
#3, week of 19
oct 1998
-
#4, week of 26
oct 1998
-
#5, week of 02
nov 1998
-
#6, week of 09
nov 1998
-
#7, week of 16
nov 1998 & week of 23 nov 1998
-
#8, week of 30
nov 1998
-
#9, week of 07
dec 1998
-
#10, week of 14
dec 1998
-
#11, week of 21
dec 1998
-
#12, week of 28
dec 1998
-
#13, week of 04
jan 1999
-
#14, week of 11
jan 1999
-
#15, week of 18
jan 1999
-
#16, week of 25
jan 1999
The BugTraq mailing list is archived in its entirety at http://www.geek-girl.com/bugtraq
if you're interested in reading some of the raw material these reports
come from.