New flaws could spawn more Net attacks
By Robert Lemos
Staff Writer, CNET News.com
November 12, 2002, 3:37 PM PT
A network protection firm on Tuesday revealed three new flaws in the software on which the Internet's domain name system relies.
All three flaws could lead to denial-of-service attacks on the majority of domain name system (DNS) servers, which act as the address books for the Internet, said Internet Security Systems, which discovered the vulnerabilities. One flaw could allow an attacker to run programs on a vulnerable computer. Given the Internet attacks leveled at the DNS root servers three weeks ago, new attacks could be around the corner, ISS warned.
"A worm could be developed using this thing," said Dan Ingevaldson, leader for ISS's vulnerability research and development group. "We feel this vulnerability is in the same class as" the flaw that led to Code Red.
full story:
http://msnbc-cnet.com.com/2100-1001-...&subj=cnetnews