Server flaw threatens Web traffic


Server flaw threatens Web traffic

Antony Adshead
US security experts have warned of a flaw in critical Web server software, which could threaten the security of e-commerce.

Antony Adshead

The flaw could allow intruders to enter DNS servers with devastating effects - including shutting down or redirecting Web traffic and allowing customer and user details to be stolen.

The vulnerability is present in Bind (Berkeley Internet Name Domain) software versions 4 and 8, which is used on most DNS servers worldwide. According to the Cert, a US government-funded IT emergency response team, US military sites have already taken action to fix the problem.

DNS servers direct traffic on the Internet by holding address data that returns an IP address when a URL is presented, allowing routing of files to take place.

A Cert spokesman said there have been no reported hacks of DNS servers to date but the problem is potentially huge. The 13 root servers which direct worldwide DNS servers to updated information use Bind and could be a very productive target for hackers.

Fixes are available from:

Related Topics: Web software, VIEW ALL TOPICS

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy