A Bug for The Ages
Dan Kaminsky has recently alleged that a bug, which has been roaming for eight years in the Internet’s Domain Name Service or DNS, has resurfaced and could be utilized to spread malicious malware by exploiting the security systems of the computer.
He has reported that the bug makes the system vulnerable to man in the middle attacks if hackers got access to the servers and said that it was a “solid critical vulnerability by any normal standard.”
Kaminsky has also reported that this virus is potent enough to rattle completely a computer’s security, and said that a flaw was detected in the Gnu C standard library, also known as ‘glibc’, that can dupe users into browsing through shady domain names that are associated with such malware.
If clicked on, then the server would reply with a lengthy DNA name, which would give hackers the easy access to destroy the security codes of a computer. This bug is almost eight years old and has been around since May 2008. Kaminsky reported that the “buggy code has been around for quite some time” and has succeeded in acquiring a global status, an infection that could take ages to repair.
Redhat, who also discovered how vulnerable the system could get when infected by this bug, said that:
“A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches.”
The bug has already spread its reaches throughout a large area on the virtual topography and is said to be as frightening as Heartbleed.
The Heartbleed is a security bug whose existence was acknowledged in April 2014 in the OpenSSL cryptography library. It is widely utilised nowadays to implement the Transport layer Security protocol. This bug, which was coded into the Gnu DNS libraries in 2008, doesn’t seem to pay much heed to the Android operating system.