Auction site sells security exploits

An eBay-like auction site that sells vulnerabilities will improve security by ensuring researchers get a fair price for their work, its founders say. The site currently holds a remote buffer overflow in Yahoo Messenger, a Linux kernel memory leak, an SQL injection flaw in MKPortal and a SquirrelMail problem. Around 20 buyers have been registered so far, as well as 30 sellers, who have provided another batch of flaws that should be on the site next week.

Read the article HERE.