Risk
8/26/2008
06:37 PM
50%
50%

FAA Computer Glitch Causes National Flight Delays

The problems began when an Atlanta facility that processes flight plan information went down due to a software malfunction, FAA officials said.

An unknown software glitch caused hundreds of flight delays across the United States.

In a conference call with reporters, the FAA said the problems began when an Atlanta facility that processes flight plan information went down due to a software malfunction.

Once that facility went down, the information was sent to a backup facility in Salt Lake City. But the Utah facility was quickly overloaded as multiple airports re-filed their flight plans, leading to delays.

The failure did not lead to radar outages, or communication issues with in-flight planes, FAA spokesperson Kathleen Bergen said. The problem only affected planes that were waiting to take off.

The delays began shortly after 1 p.m. EST and airports in Chicago, Atlanta, Boston, and Washington D.C. were hardest hit.

The FAA's computer system is the National Air Space Data Interchange Network, or NADIN, and officials ruled out terrorism or hacking as the cause of the problem.

"It appears to be an internal software processing problem," said Hank Krakowski, CEO for the FAA's air traffic division, in a conference call. "We're going to have to do some forensics on it."

But Krakowski added that the failure in Atlanta was "unprecedented," and that the agency needs to analyze it to understand it. The NADIN software is expected to be upgraded by the end of the year, but officials did not say how it would improve the current system.

The FAA said it expects to have the problems solved by Tuesday night, and for now, the Salt Lake City facility is now process all of the nation's flight plan information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2329
Published: 2015-08-31
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent string for a check_mk agent, a (2) crafted request to a monitored host, which is not properly handled by ...

CVE-2014-2330
Published: 2015-08-31
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown ...

CVE-2014-2331
Published: 2015-08-31
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2332
Published: 2015-08-31
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2570
Published: 2015-08-31
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.