Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Vulnerability Discovered in BIND DNS Servers

The ISC (Internet Systems Consortium) along with USCERT (United States Computer Emergency Readiness Team) have cautioned about a security flaw uncovered within the BIND (Berkeley Internet Name Domain)-9 Domain Name Server program, which could lead to crash of a computer system if it were exploited.

ISC, which maintains BIND, warns users that a security flaw allows hackers launch DOS (denial-of-service) assaults by transmitting malformed messages pertaining to dynamic updates to DNS servers using the application.

BIND, which is a DNS server application and most widely utilized, is automatically delivered to most Linux and UNIX platforms. This new denial-of-service vulnerability affects every edition of BIND-9 while the most recent version of the application, including 9.6.1-P1, 9.5.1-P3 and 9.4.3-P3 are not affected.

The flaw exposes all servers, controlling one or multiple zones, to attack. It is not restricted to servers which are set for permitting dynamic updates. A successful workaround is not provided via access controls.

Meanwhile, an exploit code is also understood to be floating across the Web with which the flaw could be exploited. Richard Hyatt, Co-founder of BlueCat Networks (based in Toronto), states that this exploit is zero-day vulnerability and therefore it should urgently patch BIND-9, as reported by NetworkWorld on July 29, 2009.

Hyatt further says that it is possible to carry out this attack by transmitting a DNS update packet no matter whether the server is configured to sustain DNS updates or not. According to him, there are several million DNS servers, which might be susceptible to the DOS assault, adding that a virus-based attack could possibly occur shortly for exploiting this flaw affecting un-patched systems.

The ISC also discloses that no workarounds are currently available.

Therefore, it is advisable that administrators patch their operating software right away, if or when released. Nevertheless, security experts have outlined certain tips. IBM Internet Security Systems' Michael H. Warfield states that a typical practice for adoption is to maintain a single master over one or more slaves while safeguarding that master by not connecting it to the Net, as reported by SoftPedia on July 29, 2009.

Related article: Vulnerabilities in Web Applications Invite Hackers’ Activities

» SPAMfighter News - 18-08-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next