The nine vulnerabilities affecting four popular TCP/ IP stacks (FreeBSD, Nucleus NET, IPnet and NetX) were revealed this week by researchers at Forescout in San Jose, Calif., and JSOF Research in Israel. Collectively the vulnerabilities are called Name:Wreck, which refers to how the parsing of domain names can break – “wreck” – DNS implementations in TCP/IP stacks, leading to denial of service or remote code execution attacks. TCP/IP stacks are the communications protocols used for organizing data transmissions from devices across the internet. A number of companies make stacks for their own or other products. “These vulnerabilities relate to Domain Name System (DNS) implementations, causing either denial of service (DoS) or remote code execution (RCE), allowing attackers to take target devices offline or to take control over them,” the researchers reported. “The widespread use of these stacks and often external exposure of vulnerable DNS clients lead to a dramatically increased attack surface. This research is further indication that the community should fix DNS problems that we believe are more widespread than what we currently know.”