From TechRepublic:
Many Domain Name System servers are wrongly configured or running out-of-date software, leaving them vulnerable to malicious attacks, according to a study published Monday.
DNS servers, which translate domain names such as “yoursite.com” into IP addresses, underpin the workings of the Internet. In its survey, Internet performance company The Measurement Factory found that the BIND software used for domain-name resolution is out-of-date on a fifth of DNS servers.
DNS servers that run versions of BIND earlier than version 9 are “opening the door” to pharming attacks–a kind of phishing attempt–through DNS cache poisoning, the company said in its report.