Server flaw threatens Web traffic


Server flaw threatens Web traffic

Antony Adshead
US security experts have warned of a flaw in critical Web server software, which could threaten the security of e-commerce.

Antony Adshead

The flaw could allow intruders to enter DNS servers with devastating effects - including shutting down or redirecting Web traffic and allowing customer and user details to be stolen.

The vulnerability is present in Bind (Berkeley Internet Name Domain) software versions 4 and 8, which is used on most DNS servers worldwide. According to the Cert, a US government-funded IT emergency response team, US military sites have already taken action to fix the problem.

DNS servers direct traffic on the Internet by holding address data that returns an IP address when a URL is presented, allowing routing of files to take place.

A Cert spokesman said there have been no reported hacks of DNS servers to date but the problem is potentially huge. The 13 root servers which direct worldwide DNS servers to updated information use Bind and could be a very productive target for hackers.

Fixes are available from:

Related Topics: Web software, VIEW ALL TOPICS

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy