Four separate vulnerabilities have been discovered in the software used by most of the internet's domain name system (DNS) servers, putting parts of the network at risk.

The flaws discovered in two widely used versions of BIND (Berkeley Internet Name Domain), an implementation of DNS, could allow a malicious user to gain super-user privileges and execute code that would disrupt servers running the software.

DNS servers translate domain names into numerical IP addresses - for example, 11.11.11.11 - which are used to identify servers. The system lets web surfers use memorable domain names, rather then strings of numbers, to locate websites.

Jim Magdych, research manager at Network Associates business unit, PGP Security, said: "If this vulnerability was exploited by an attacker, all internet traffic relying on a vulnerable server could be brought to a halt."

He added: "Depending on a corporation's network configuration, a hacker could take advantage of the vulnerability to compromise the server and launch further attacks, potentially allowing the attacker access to internal networks."

The vulnerability exists in versions 4 and 8 of BIND, though not in the recently released version 9. Three of the four flaws were identified by researchers at PGP Security.

Technical information on upgrading is available from the Coordination Centre at Carnegie Mellon University at http://www.cert.org/advisories. The ISC has also posted new versions of the software on its website at www.ISC.org.