A serious vulnerability in the core architecture of the Internet is being exploited by hackers, a security firm has warned.

The flaw is in BIND, the open source software that is the most widely used DNS (Domain Name System) server software on the web, and it affects the core Internet system that converts URLs into IP addresses.

DNS Vulnerability

The warning came from the Internet Systems Consortium (ISC), which said that system administrators must patch the vulnerability immediately.

“BIND vulnerability published today is particularly critical. Broadly applicable, easily exploited,” the firm warned in a tweet.

It said the flaw allows hackers to launch denial-of-service attacks on websites, potentially forcing them offline.

“An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit,” said the ISC.

“A week ago, the Internet Systems Consortium (ISC) team released a patch for a serious denial of service vulnerability (CVE-2015-5477) that allows a remote and unauthenticated attacker to crash the BIND (named) daemon, taking down a DNS server,” explained Daniel Cid, a networking expert at Sucuri, in a blog posting on the flaw.

“This happens because of an error in the way BIND handles TKEY queries, which with a single UDP packet can trigger a required assertion failure, causing the DNS daemon to exit,” wrote Cid.

“Because of its severity we’ve been actively monitoring to see when the exploit would be live,” he added. “We can confirm that the attacks have begun. DNS is one of the most critical parts of the Internet infrastructure, so having your DNS go down also means your email, HTTP and all other services will be unavailable.”
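A defender-side check for the TKEY queries described above, added here as an illustration (not code from ISC, Sucuri or this article): it parses the question section of raw DNS messages and flags queries of type TKEY (249, per RFC 2930) for review. The sample messages and source addresses are constructed, and the function names are hypothetical.

```python
import struct

QTYPE_TKEY = 249  # TKEY resource record type (RFC 2930)

def parse_question(msg):
    """Return (qname, qtype, is_query) for the first question, or None if malformed."""
    if len(msg) < 12:                      # fixed DNS header is 12 bytes
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount < 1:
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(msg):                # name runs off the end of the packet
            return None
        length = msg[pos]
        pos += 1
        if length == 0:                    # root label terminates the name
            break
        if length & 0xC0 or pos + length > len(msg):
            return None                    # pointer or truncated label: reject
        labels.append(msg[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(msg):
        return None
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels) or ".", qtype, (flags & 0x8000) == 0

def is_tkey_query(msg):
    q = parse_question(msg)
    return q is not None and q[2] and q[1] == QTYPE_TKEY

def build_message(name, qtype, flags=0x0100):
    """Construct a question-only DNS message for the sample data below."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", 0x1234, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

# Constructed samples: (source address, UDP payload). Addresses are documentation ranges.
SAMPLES = [
    ("192.0.2.10", build_message("www.example.com", 1)),                # ordinary A query
    ("198.51.100.7", build_message("example.com", QTYPE_TKEY)),         # TKEY query
    ("203.0.113.5", build_message("example.com", QTYPE_TKEY, 0x8100)),  # response, not a query
    ("203.0.113.9", b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07exa"),  # truncated
]

def scan(samples):
    """Return (source, qname) for every sample that is a TKEY query."""
    return [(src, parse_question(m)[0]) for src, m in samples if is_tkey_query(m)]

if __name__ == "__main__":
    for src, qname in scan(SAMPLES):
        print(f"TKEY query from {src} for {qname}")
```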

Previous Flaw

This is not the first time that BIND has had a problem.

Back in April 2013, a “critical” security flaw was reported in BIND that allowed attackers to crash domain name servers. That flaw affected the version of BIND used on Linux and Unix systems, but didn’t affect the Windows version.

The Domain Name System (DNS) is a vital element of the Internet, but has in the past been attacked by hackers.

In 2012, hackers in Pakistan compromised one of the organisations managing domain name servers to redirect users to their own site. That attack disrupted access to major services such as Gmail and eBay.


Tom Jowitt
