ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Online business Toolkit

BIND bug opens domain name servers to attack

Matthew Broersma ZDNet.co.uk

Published: 05 Jun 2002 15:11 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Researchers have discovered a flaw in widely used software for locating Internet servers, which could allow the software to be shut down by hackers or even by accident. Such a shutdown would keep Web browsers, for example, from being able to locate Web sites.

CERT, an Internet security advisory service, on Tuesday warned that the flaw affects Domain Name System (DNS) servers running version 9 of Berkeley Internet Name Domain (BIND) prior to version 9.2.1. Version 9.2.1 is BIND's current release. "Because the normal operation of most services on the Internet depends on the proper operation of DNS servers, other services could be affected if this vulnerability is exploited," wrote CERT's Ian Finlay in a statement.

The exploit allows a hacker to send a DNS packet designed to trigger an internal consistency check and shut down the server. CERT said that it is also possible to accidentally trigger the vulnerability using common queries found in routine operations.

BIND is used by most companies to identify the domain to which each of their Internet servers belong. For example, a surfer who would like to go to PGP Security's Web site would type "www.pgp.com", but if the company's DNS servers were not available, the surfer's browser wouldn't know where to send the request.

Microsoft's Web sites were unavailable for four days early last year partly due to DNS problems.

CERT said that although the vulnerability can lead to a server shutdown, it does not allow hackers to execute arbitrary code or write data to arbitrary locations in the server's memory. The organisation recommends upgrading to BIND 9.2.1 or applying a vendor-supplied patch.

Many servers do not ship with BIND 9, and would therefore not be vulnerable unless the software were installed separately. Among those that were confirmed as running vulnerable versions of BIND 9 out of the box were Caldera's Open UNIX, some Hewlett-Packard products, Mandrake Linux 8.x, Red Hat Linux 7.1, 7.2 and 7.3, and all currently supported SuSE Linux distributions.

CNET News.com's Robert Lemos contributed to this report.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with HP

Did you find this article useful?
61 out of 114 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business


Company/Topic Alerts

Create a new alert from the list below:








Related Jobs

Security Consultant - Immediate start

The desired candidate will have the following skillset: * Network Vulnerability Internal & External Testing * Configuration of Cisco switches / ...

Linux System Administrator (RedHat, MySQL, DNS, Apache, RAID, SMTP)- Nottingham, Midlands

Job Title: Linux System Administrator (RedHat, MySQL, DNS, Apache, RAID, SMTP)- Nottingham, Midlands Location: Nottingham, Midlands Salary: Very Good ...

Network Services Manager, ISP, Internet Services, London.

Network Services Manager, ISP, Internet Services, Cisco, Juniper, Foundry, DNS, TCP/IP, BGP, OSPF, SMTP, FTP, POP, IMAP, HTTP, HTTPS, Unix, Windows, ...

Sentry Posts Blog

Mobile Linux Better For Mobile Busines...

Mobile Linux Better For Mobile Business Apps? Author: Eric Everson, MyMobiSafe.com As mobile Linux is carving it’s footprint on the future of mobile application development, the... More

Post a comment

DWP downplays security breach

The Department for Work and Pensions (DWP) has admitted that some of its staff have been forwarding passwords with password protected material. An email that was leaked on the 'Dizzy... More

Post a comment

How many headshots does one chairperso...

We got a strange request last week from the head of PR from Russian security experts Kaspersky. It seems although the company was very happy with the interview we recently carried with... More

Post a comment

Featured Talkback

I wonder, who needs .asia domain? I cannot imagine, what would be useful for Microsoft.asia? Toyota.asia? Then let's register .europe (if .eu is too short). Or perhaps Microsoft.southamerica, Dell.australiaandnewzealand, Coca-Cola.africa... Sound funny? Then why not just use the global and country domains? Or perhaps it is time to drop the domains at all?

By: LadyRoot

Read full story:
Businesses advised to register .asia domains