A bug eight years in the Internet DNS system can be used for spreading malware, according to security firm Dan Kaminsky.
The company says that an error in the Gnu C library, or “glibc», can fool their browsers to look into “shadow» domain names.
The servers can respond to applications with large DNS names, causing overflow in the software of a victim.
This behavior could allow attackers to execute code remotely and take control of a system.
The error has been corrected, says the security company, but the error code is available from May 2008, which means that it may take time until the correction to be applied everywhere.