June 5, 2002 - Berkeley Internet Name Domain (BIND), version 9 prior to version 9.2.1, carries a dangerous flaw. This security issue affects all Domain Name System (DNS) servers and allows cyber criminals to shut down the DNS server just by sending a DNS packet that triggers an internal consistency check. The DNS server can even be shut down by an accidental trigger from a common query.
Because BIND helps identify the domain to which each of a company's Internet servers belong this flaw can allow a DNS security breach to be crippling.
Many of the Internet's services rely on the correct functioning of the DNS servers, so by exploiting the BIND vulnerability, a hacker can cause a great deal of damage. In early 2001, Microsoft Web sites were unavailable for four days due to DNS problems. However, note that the BIND vulnerability does not permit attackers to write data or execute any kind of arbitrary code in the DNS server's memory.
When shipped, most servers do not come with BIND 9 installed, so the vulnerability appears when the software is installed. To prevent any DNS attacker from exploiting the BIND flaw, upgrading to version 9.2.1 is a good option. A patch produced by the vendor can also be applied to fix the flaw.
Some of the servers that come with BIND version 9 are Caldera's Open UNIX, Red Hat Linux 7.1, 7.2 and 7.3, a few Hewlett-Packard products, Mandrake Linux 8.x, and all SuSE Linux distributions up to June 2002 versions. Everyone is advised to fix this vulnerability to ensure the safety of the DNS servers.
Source: ZDNet.co.uk
About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.