Vulnerability Discovered in BIND DNS Servers
The ISC (Internet Systems Consortium) along with USCERT (United States Computer Emergency Readiness Team) have cautioned about a security flaw uncovered within the BIND (Berkeley Internet Name Domain)-9 Domain Name Server program, which could lead to crash of a computer system if it were exploited.
ISC, which maintains BIND, warns users that a security flaw allows hackers launch DOS (denial-of-service) assaults by transmitting malformed messages pertaining to dynamic updates to DNS servers using the application.
BIND, which is a DNS server application and most widely utilized, is automatically delivered to most Linux and UNIX platforms. This new denial-of-service vulnerability affects every edition of BIND-9 while the most recent version of the application, including 9.6.1-P1, 9.5.1-P3 and 9.4.3-P3 are not affected.
The flaw exposes all servers, controlling one or multiple zones, to attack. It is not restricted to servers which are set for permitting dynamic updates. A successful workaround is not provided via access controls.
Meanwhile, an exploit code is also understood to be floating across the Web with which the flaw could be exploited. Richard Hyatt, Co-founder of BlueCat Networks (based in Toronto), states that this exploit is zero-day vulnerability and therefore it should urgently patch BIND-9, as reported by NetworkWorld on July 29, 2009.
Hyatt further says that it is possible to carry out this attack by transmitting a DNS update packet no matter whether the server is configured to sustain DNS updates or not. According to him, there are several million DNS servers, which might be susceptible to the DOS assault, adding that a virus-based attack could possibly occur shortly for exploiting this flaw affecting un-patched systems.
The ISC also discloses that no workarounds are currently available.
Therefore, it is advisable that administrators patch their operating software right away, if or when released. Nevertheless, security experts have outlined certain tips. IBM Internet Security Systems' Michael H. Warfield states that a typical practice for adoption is to maintain a single master over one or more slaves while safeguarding that master by not connecting it to the Net, as reported by SoftPedia on July 29, 2009.
Related article: Vulnerabilities in Web Applications Invite Hackers’ Activities
» SPAMfighter News - 18-08-2009