Bugtraq

Bugtraq is a mailing list dedicated to computer security issues . It discusses weaknesses in computer programs, possibilities for exploiting them (so-called exploits ) and procedures to close these gaps. Bugtraq is a mailing list with a large number of posts, as almost all new security holes are addressed here.

Bugtraq was founded on November 5th, 1993 by Scott Chasin in order to react to the perceived inability of the then existing security infrastructure on the Internet , especially the CERT . It was Bugtraq's goal to immediately and completely publish security gaps regardless of possible reactions from the software manufacturers concerned.

Elias Levy remarked in an interview that “the conditions at that time were such that the manufacturers basically did not provide any updates. So the focus was on how to improve software that was not improved by the manufacturer. "

The mailing list was originally open, but the list was edited from June 5, 1995 due to increasing numbers of unusable contributions. Elias Levy moderated the list from June 14, 1996 until his resignation on October 15, 2001 .

Bugtraq was originally hosted at Crimelag.de. The list was given to the Brown University NetSpace Project , which was reorganized into the NetSpace Foundation . In July 1999, Bugtraq became the property of SecurityFocus , which on August 6, 2002 in turn was bought by the US software company Symantec . With the sale of large parts of Symantec on November 4, 2019 to Broadcom , Bugtraq and the securityfocus.com domain also became their property. The bugtraq@securityfocus.com mailbox has not been available since mid-April 2020!

Web links

• SecurityFocus - Mailing Lists (Bugtraq is the first mailing list after the "Most Popular" heading)
• Salon - Technology & Business - How do you fix a leaky Net? (includes a mention of Bugtraq)
• Spirit - Network Defense - Full Disclosure, or Tales to embarrass Vendors ~ The Good Old Days (a history of the CERT Advisory CA-93: 15 fiasco )