Hackers Can Target URL/IP Conversion
According to a security expert at Sucuri, a firm devoted to dealing in network security, there is a flaw in DNS software that allows attackers to crash the system. Regular Internet users are mostly not affected. The Internet Systems Consortium among others has urged system administrators to patch the bug in Bind. Here is more information about the bug itself.
Bugs like these have in recent times rocked the Internet. Heartbleed and others have created major holes in web servers trying to do anything more than display HTML pages, and even those were insecure due to some.
Bind is the software used by many systems to convert a naked URL to an IP address which the browser can do something with although the filename in the browser bar is still displayed in plain English for the user. According to the bug page:
Both recursive and authoritative servers are vulnerable to this defect. Additionally, exposure is not prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling before checks enforcing those boundaries.