BIND Flaw Could Lead to DNS Problems

The Computer Emergency Response Team, otherwise known as CERT, is telling Web administrators and others in key positions that an upgrade to the BIND DNS server software is immediately necessary to prevent attacks and Web outages. According to the CERT report, both versions 4 and 8 of the popular software have been found to be vulnerable to attacks which could allow a potential hacker to reroute Web visitors to different IP addresses.

Reuters reports that as much as 80 percent of all sites on the net could be open to such attacks.

The potential risk was originally discovered by PGP Security, a division of Network Associates. Security experts at the firm also told Reuters that no known uses of the exploit to gain control and reroute traffic have been reported.

More information on the risk can be found at CERT and a new version of the BIND software can be found at the Internet Software Consortium Web site, who makes the BIND software.