BBC Homepage World Service Education
BBC Homepagelow graphics version | feedback | help
BBC News Online
 You are in: Sci/Tech
Front Page 
UK Politics 
Talking Point 
In Depth 

Wednesday, 31 January, 2001, 14:59 GMT
Major net security holes identified
Graphic BBC
Bind bugs leave the net wide open to attack
By BBC News Online internet reporter Mark Ward

The internet's single most important software package contains holes that can be exploited by malicious hackers.

This is among the most serious vulnerabilities to affect the internet

Computer Emergency Response Team
Anyone exploiting these vulnerabilities could take control of net servers, redirect visitors and steal e-mail messages, web security experts say.

Net server administrators using the at risk versions of the Berkeley Internet Name Domain (Bind) software have been urged to update their systems swiftly before they are attacked.

The internet's 13 root servers were quietly updated earlier this month ahead of the general, public alert.

Error message

The security warning about the Berkeley Internet Name Domain server, used by an estimated 90% of the networks that comprise the internet, was issued by the US Government-funded Computer Emergency Response Team (Cert).

Bind is the net equivalent of directory enquiries, and is consulted by a computer when it converts a domain name, such as, into a numeric address that details where to find that site on the internet. Typically, hundreds or thousands of computers on an individual network consult a couple of servers running Bind.

Now, work by PGP Covert Labs has found that versions 4 and 8 of Bind contain vulnerabilities that could be exploited by malicious hackers and let them take over a server.

Typically, when a computer on the net gets a message it does not understand, it responds by generating a routine error message. But PGP Covert Labs found that the vulnerabilities mean that Bind will execute commands hidden in carefully-crafted bogus messages.

Malicious hackers exploiting this could take over a net server, redirect queries to sites they controlled or re-route e-mail messages.

Vulnerability alerts

Shawn Hernan, leader of the Cert team, said Bind was "arguably the internet's single most important software package" and added: "This is among the most serious vulnerabilities to affect the internet."

Before they were quietly upgraded earlier this month, the internet's 13 root servers, that hold the master lists of which websites are where, were vulnerable to this type of attack.

Cert is typically happy to issue warnings via the net but this latest vulnerability was so serious that it called a press conference and publicly urged web server administrators to act straight away to close the loophole. Worried webmasters should upgrade to secure versions of Bind.

Cert said that swift action was needed malicious hackers are known to watch vulnerability alerts - sometimes more closely than many web administrators.

When Cert issued a warning about a hole in Bind in November 1999, the number of attempts by malicious hackers to exploit this vulnerability rose in the following couple of months. It expects exploitation of the holes to be "widespread" very soon.

Search BBC News Online

Advanced search options
Launch console
See also:

26 Jan 01 | Sci/Tech
Toasting the crackers
19 Jan 01 | Americas
'Mafiaboy' pleads guilty to hacking
24 Mar 00 | Business
Outdoing the hackers
19 Oct 00 | Sci/Tech
Cybercrime threat 'real and growing'
11 Feb 00 | UK
A - Z: Hack attack
Internet links:

The BBC is not responsible for the content of external internet sites

Links to more Sci/Tech stories are at the foot of the page.

E-mail this story to a friend

Links to more Sci/Tech stories