IP: CERT: Critical Internet DNS Software Found Vulnerable

[Dave Farber <dave () farber net>]

> http://www.cert.org/advisories/CA-2001-02.html
>
> Good news is, no one has exploited this to date.
>
> http://dailynews.yahoo.com/htx/nm/20010129/tc/intersecurity_software_dc_1.html
>
> Monday January 29 1:03 PM ET
> Critical Internet Software Found Vulnerable
> By Jim Wolf
>
> WASHINGTON (Reuters) - A high-risk flaw in what may be the Internet's most 
> important software package could disrupt the operations of every company 
> that maintains a Web site, a Defense Department-funded research center 
> said on Monday.
>
> Electronic intruders seizing on the newly discovered vulnerability could 
> gain control of domain name servers (DNS), which translate names that are 
> easy to remember such as www.reuters.com into numeric addresses read by 
> computers.
> Once in control of these devices, attackers could conceivably change and 
> reroute the numeric ``Internet Protocol'' addresses, said the CERT 
> Coordination Center at Carnegie Mellon University in Pittsburgh, Pennsylvania.
> <SNIP>



For archives see: http://www.interesting-people.org/