Language Selection

English French German Italian Portuguese Spanish

Serious flaw marks end of life for Bind 8 DNS server

Filed under
Software
Security

A security researcher has found a serious vulnerability in an aging yet widely used software program used for the Internet's addressing system, prompting the software's maintainers to retire the affected version.

The flaw within Berkeley Internet Name Domain 8 (Bind 8) software could misdirect users to a fraudulent Web site even if a user typed in the correct URL (uniform resource locator), wrote Amit Klein, chief technology officer for security vendor Trusteer Ltd. Klein discovered the problem.

Users are being advised to upgrade to Bind 9.4, the latest version of the software, which underwent an architecture rewrite to improve security. The software, maintained by the Internet Software Consortium (ISC), is free to download.

More Here




More in Tux Machines

The Future of GNOME Control Center

Hello, GNOMErs! As some of you may be aware, I’m working on porting our beloved GNOME Control Center to match the latest mockups. Not alone, however; we’re a Team. Read more

Black Duck's Free Tool Digs Out Open Source Bugs

The main advantage of such tools is ease of use. The main limitation is that a tool is only as effective as its creators' list of vulnerabilities. Using a given tool implies that you trust the vendor to stay alert and on the job, noted King. Developers have "a ton of other similar offerings out there," he said. By offering a free scanner, Black Duck can draw attention to its other products. "If the new tool delivers what the company promises, it will help put the company in good stead with customer developers. Satisfied customers tend to be repeat customers," King said. Read more