Security hole puts Net infrastructure at risk


Security hole puts Net infrastructure at risk

Cliff Saran
A major flaw on the Internet could cripple Web sites, e-mail and other Net-based services.

Internet Security Systems (ISS) has discovered a hole in the open source Bind (Berkeley Internet Name Domain) server, which runs the world's core Internet infrastructure. Bind is used to look up the IP addresses for domain names.

According to a report from the ISS X-Force security group, a logic error exists within Bind that may allow remote attackers to cause it to shutdown. The server must then be restarted manually.

The exploit affects version 9 releases of Bind up to 9.2.1. A number of operating systems are affected by the problem including those from Hewlett-Packard, Red Hat, Caldera and SuSe Linux.

In a notice on Cert, the Carnegie Mellon software engineering institute security alert Web site, Red Hat advised users to install the latest software patch available from its Web site.

Microsoft and IBM operating systems are unaffected, according to the Cert site.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy