The original plan was for the full details of the flaw to be released on Aug. 6 in a presentation at the Black Hat conference. However, that plan was dealt a big blow when Thomas Dullien, Zynamics.com CEO, and someone at Matasano accidentally posted details of the flaw ahead of schedule.
This has fuelled speculation that several hackers are already developing code to exploit the identified bug. In fact, attacks are expected within days.
According to several security experts, the potential breach is in the current implementation of the Domain Name System for Web servers. The Domain Name System is a lookup system for Web servers: domain names, such as huliq.com, are translated by DNS servers to static IP addresses, which are the true location of the site.
The bug is said to exist in the DNS caching protocol. The flaw lies in how DNS servers cache incoming requests, which makes them vulnerable to malicious misdirection of Web traffic. According to the current protocol, a DNS server usually asks for information from another DNS server if it doesn't have an IP address for the requested URL.
This can allow the DNS server to be tricked by malicious code. The DNS server may be fooled into believing that the information it receives is valid. This can pave the way for a user requesting a legitimate site to be redirected to a phony IP address.
Although a software patch for the flaw was released two weeks ago to corporate and institutional users, Neal Krawetz, owner of computer security consultancy Hacker Factor Solutions, says it will take time for all of the major ISP companies to update their systems. As of last week, up to almost half of the major ISP DNS servers were still vulnerable to attack.
According to Russ Cooper, a senior information security analyst with Verizon Business, the situation won't be that bad, as he expects most of the major ISPs to apply the patch, thereby protecting the vast number of home users.
Source: PCWorld.