Security analysts are bracing themselves for a potentially lethal series of denial-of-service attacks in the coming weeks. Systems administrators around the world are being warned that four new security gaps have been discovered in the software that allows most companies to connect to the internet.
The CERT Coordination Center at Carnegie Mellon University and Network Associates Inc.'s PGP Security subsidiary have simultaneously released warnings about vulnerabilities in multiple versions of the Internet Software Consortium's Berkeley Internet Name Domain (BIND) server software.
BIND is software that allows web servers run by companies and internet service providers to translate text-based internet addresses into numbered IP addresses that can be read and understood by computers.
In a notice posted on its web site, the Internet Software Consortium (ISC) "strongly recommended" that users upgrade to Version 9.1 of BIND, the latest release of the software, in order to plug the security holes. That version isn't affected by the vulnerabilities. If installing 9.1 isn't possible, the Redwood City, Calif.-based organization added, upgrading to at least BIND 8.2.3 is "imperative."
CERT, PGP Security and ISC officials are most concerned about a new vulnerability in the Transaction Signatures (TSig) feature of BIND that could enable malicious hackers to take control of web servers and either redirect or block internet requests that are sent to them. The organizations are also warning that hackers could take over targeted machines and implant malicious code for use in distributed denial-of-service attacks such as the ones that were launched against Microsoft Corp. last week and against eBay Inc., Buy.com Inc., Amazon.com Inc. and other widely used e-commerce sites last February.
ISC rated the severity of the TSig vulnerability as "critical" in the notice on its web site.
The latest warning is the 12th advisory published on BIND vulnerabilities by CERT since 1997.