The flaw could allow intruders to enter DNS servers with devastating effects - including shutting down or redirecting Web traffic and allowing customer and user details to be stolen.
The vulnerability is present in Bind (Berkeley Internet Name Domain) software versions 4 and 8, which is used on most DNS servers worldwide. According to the Cert, a US government-funded IT emergency response team, US military sites have already taken action to fix the problem.
DNS servers direct traffic on the Internet by holding address data that returns an IP address when a URL is presented, allowing routing of files to take place.
A Cert spokesman said there have been no reported hacks of DNS servers to date but the problem is potentially huge. The 13 root servers which direct worldwide DNS servers to updated information use Bind and could be a very productive target for hackers.
Fixes are available from: www.isc.org