Internet Security Systems (ISS) has discovered a hole in the open source Bind (Berkeley Internet Name Domain) server, which runs the world's core Internet infrastructure. Bind is used to look up the IP addresses for domain names.
According to a report from the ISS X-Force security group, a logic error exists within Bind that may allow remote attackers to cause it to shutdown. The server must then be restarted manually.
The exploit affects version 9 releases of Bind up to 9.2.1. A number of operating systems are affected by the problem including those from Hewlett-Packard, Red Hat, Caldera and SuSe Linux.
In a notice on Cert, the Carnegie Mellon software engineering institute security alert Web site, Red Hat advised users to install the latest software patch available from its Web site.
Microsoft and IBM operating systems are unaffected, according to the Cert site.