Severe DNS Flaw Threatens Internet
Posted on: 11/13/2002 10:46 PM
ExtrmeTech has posted a news story on two BIND security vulnerabilities
The Internet Software Consortium, which maintains key open source Internet software, has reported two new and serious security vulnerabilities that affect the vast majority of DNS servers now in operation on the Internet. Most distributions of Linux and UNIX are affected, as are Microsoft-based systems which are running ports of the Berkeley Internet Name Daemon, or BIND.Read more
According to a bulletin posted on the organization's BIND security page, it is relatively easy to crash a BIND 8 server, causing denial of service. Another even more serious bug allows any domain name server running BIND 4.x or BIND 8.x (but not BIND 9) to be completely taken over by a malicious intruder.