Security hole puts Net infrastructure at risk


Security hole puts Net infrastructure at risk

Cliff Saran
A major flaw on the Internet could cripple Web sites, e-mail and other Net-based services.

Internet Security Systems (ISS) has discovered a hole in the open source Bind (Berkeley Internet Name Domain) server, which runs the world's core Internet infrastructure. Bind is used to look up the IP addresses for domain names.

According to a report from the ISS X-Force security group, a logic error exists within Bind that may allow remote attackers to cause it to shutdown. The server must then be restarted manually.

The exploit affects version 9 releases of Bind up to 9.2.1. A number of operating systems are affected by the problem including those from Hewlett-Packard, Red Hat, Caldera and SuSe Linux.

In a notice on Cert, the Carnegie Mellon software engineering institute security alert Web site, Red Hat advised users to install the latest software patch available from its Web site.

Microsoft and IBM operating systems are unaffected, according to the Cert site.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy