Extra Feeds & Services »

Home / News

Widespread Vulnerabilities in Programs Using OpenSSL, Bind Security Patch Released

  • Jan 09, 2009 4:19 PM PDT
  • Comments: 0
  • Views: 2,146
Print Comment
Netcraft

New vulnerabilities have been discovered in multiple programs using OpenSSL, one of the standard cryptography libraries on Linux and Unix systems. Due to a common mistake in checking return values from functions checking digital signatures, several programs may be vulnerable to spoofing of digital signatures.

The most important affected program is ISC Bind, which is the most widely used DNS server on the internet. A flaw in its validation of signatures on DNSSEC replies means that the server may be vulnerable to DNS spoofing attacks even where DNSSEC is in use. ISC has released BIND 9.6.0-P1 to fix this bug.

Read full story: Netcraft

Related topics: DNS, DNSSEC, Security

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

Perspectives on a DNS-CERT

  • Mar 16, 2010
  • Comments: 0

Another One (Partially) Bites the Dust

  • Mar 12, 2010
  • Comments: 0

Authorities Take Down the Mariposa Botnet

  • Mar 05, 2010
  • Comments: 0

Closing in on the Google Hackers

  • Feb 25, 2010
  • Comments: 2

Switching on the Light: Expression of Interest for New TLDs

  • Feb 25, 2010
  • Comments: 0
View More

Related News

Memory Cards of 3,000 Vodafone Mobiles Infected With Malware

  • Mar 19, 2010
  • Comments: 0

German High Court Says No to Retaining Telecom, Email Data for Tracking Criminal Networks

  • Mar 02, 2010
  • Comments: 0

Comcast Announces Aggressive Plan to Deploy DNSSEC, Launches First Public Trial

  • Feb 23, 2010
  • Comments: 0

How IT and Internet Saved Lives in Haiti

  • Feb 17, 2010
  • Comments: 0

Google Dumps Illicit Pharmacy Advertisements

  • Feb 10, 2010
  • Comments: 0
View More

Other Topics

Access Providers Broadband Censorship Cloud Computing Cyberattack Cybercrime Cybersquatting Data Center DNS DNSSEC Domain Names Domain Registries Email Enum ICANN Internet Governance Internet Protocol IP Addressing IPTV IPv6 Law Malware Mobile Multilinguism Net Neutrality P2P Policy & Regulation Privacy Regional Registries Security Spam Telecom Top-Level Domains VoIP Web White Space Whois Wireless
View More



Industry Updates – Sponsored Posts

MarkMonitor Year in Review Report: How Escalating Online Brand Abuse is Used to Monetize Web Traffic

.ORG to Fully Deploy DNSSEC in June

  • By PIR
  • Views: 493

The GLOBE Program Chooses Dyn Inc.'s Dynect Platform to Deploy DNSSEC per Federal OMB Mandate

SPECIAL: Updates from the ICANN Meetings in Nairobi

MarkMonitor Sets New Standard in Brand Protection with Site Staydown Service

ICANN and Cybersecurity: Hot Topics at The First Ever .ORG Forum

  • By PIR
  • Views: 1,784

Neustar Releases UltraDNS Report Center

Neustar Implements DNS Security Extensions in the .US Registry

Neustar Launches Initiative to Enhance DNS With Faster, More Secure Updates

Registry Stakeholder Group Comments on Latest ICANN Policies

  • By PIR
  • Views: 2,020

Open Phishing Season

Nominum Announces "DNSSEC Made Easy" Solutions

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 2,297

Afilias' Matt Pounsett Elected Director-at-Large for DNS-OARC

SPECIAL: Updates from the ICANN Meetings in Seoul

.ORG Wins WebAward for Website Redesign and Selected as a Finalist for the NonProfit PR Awards

  • By PIR
  • Views: 2,147

SEO Poisoning: A Persistent Malware Threat Targeting High-Profile Brands

NeuStar Expands UltraDNS Network Infrastructure in Europe

Nominum CEO: Commercial vs. Open Source - Let Customers Choose

Pharmaceutical Brandjacking for Popular Drug Brands on the Rise

View More