BIND vulnerability could trigger DoS attacks

Security organisations have issued an alert about a BIND vulnerability which could see companies face denial-of-service attacks.

The vulnerability is found in version 9 of the Internet Software Consortium's BIND (Berkeley Internet Name Domain) server. If it is exploited by an attacker, the BIND server would stop responding until rebooted, according to an advisory issued by US-based security advisory body CERT.

"Because the normal operation of most services on the Internet depends on the proper operation of DNS servers, other services could be affected if this vulnerability is exploited," the advisory states.

According to CERT, only version 9 prior to 9.2.1 is affected; versions 4 and 8 of ISC's BIND are not.

By sending a specific DNS packet, which is designed to trigger an internal consistency check, the attacker is able to cause the shutdown, CERT said. "It is also possible to accidentally trigger this vulnerability using common queries found in routine operation, especially queries originating from SMTP servers."

However, Robert Mead, coordination centre manager at the Australian Computer Emergency Response Team (AusCERT), urged companies to keep the vulnerability in perspective.

Mead said that, as yet, AusCERT hadn't received any reports of businesses in Australia being affected. AusCERT provides incident-response assistance and training to its members.

According to Mead, most Australian businesses are more likely to be using either cut-down versions of 8, or current versions of 9.

"It's unlikely to have a significant impact on security-sensitive environments," Mead said.

Grant Slender, principal consultant for Australasia at Internet Security Systems (ISS), believes the alert signals a need for companies to maintain vigilance by being aware of vulnerabilities which could open them up to DoS attacks.

Slender sees government and large commercial organisations as the most likely to be affected. "It's critical that organisations take steps to protect their services from being removed from operation," Slender warned.
