From security em unicamp.br Mon Jul 23 11:10:52 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 23 Jul 2007 11:10:52 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA07-191A -- Microsoft Updates for Multiple Vulnerabilities
Message-ID: <20070723141052.GA31808@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA07-191A -- Microsoft Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Tue, 10 Jul 2007 16:52:06 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-191A

Microsoft Updates for Multiple Vulnerabilities

Original release date: July 10, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Excel
* Microsoft Publisher
* Microsoft .NET Framework
* Microsoft Internet Information Services (IIS)
* Microsoft Windows Vista Firewall

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall as part of the Microsoft Security Bulletin Summary for July 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the July 2007 Security Bulletins. The Security Bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the Bulletins and test for any potentially adverse effects.

System administrators may wish to consider using an automated patch distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft July 2007 updates -
* Securing Your Web Browser -
* Microsoft Security Bulletin Summary for July 2007 -
* Microsoft Update -
* Microsoft Office Update -
* Windows Server Update Services -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA07-191A Feedback VU#487905" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.
Terms of use:

____________________________________________________________________

Revision History

July 10, 2007: Initial release

----- End forwarded message -----

From security em unicamp.br Mon Jul 23 11:31:50 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 23 Jul 2007 11:31:50 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA07-192A -- Adobe Flash Player Updates for Multiple Vulnerabilities
Message-ID: <20070723143149.GB31808@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA07-192A -- Adobe Flash Player Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Wed, 11 Jul 2007 16:31:35 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-192A

Adobe Flash Player Updates for Multiple Vulnerabilities

Original release date: July 11, 2007
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows, Apple Mac OS X, Linux, Solaris, or other operating systems with any of the following Adobe products installed:

* Flash Player 9.0.45.0
* Flash Player 9.0.45.0 and earlier network distribution
* Flash Basic
* Flash CS3 Professional
* Flash Professional 8, Flash Basic
* Flex 2.0
* Flash Player 7.070.0 for Linux or Solaris

For more complete information, refer to Adobe Security Bulletin APSB07-12.

Overview

There are critical vulnerabilities in Adobe Flash player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Adobe Security Bulletin APSB07-12 addresses vulnerabilities in Adobe Flash Player and related software. Further information is available in the US-CERT Vulnerability Notes database.

Several operating systems, including Microsoft Windows and Apple OS X, have vulnerable versions of Flash installed by default. Systems with Flash-enabled web browsers are vulnerable. To exploit these vulnerabilities, an attacker could host a specially crafted Flash file on a web site and convince a user to visit the site.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code with the privileges of the user, steal credentials, or create a denial-of-service condition. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system.

III. Solution

Apply Updates

Check with your vendor for patches or updates. For information about a specific vendor, please see the Systems Affected section in the vulnerability notes or contact your vendor directly. If you get the flash player from Adobe, see the Adobe Get Flash page for information about updates.

Disable Flash

Users who are unable to apply the patch should disable Flash. Contact your vendor or see the US-CERT Vulnerability Notes VU#110297, VU#730785, or VU#138457 for more details.

Appendix A. References

* Adobe - APSB07-12: Flash Player update available to address security vulnerabilities -
* US-CERT Vulnerability Notes Database -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff.
Please send email to with "TA07-192A Feedback VU#730785" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use:

_________________________________________________________________

Revision History

July 11, 2007: Initial release

----- End forwarded message -----

From security em unicamp.br Mon Jul 23 11:33:17 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 23 Jul 2007 11:33:17 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA07-193A -- Apple Releases Security Updates for QuickTime
Message-ID: <20070723143317.GC31808@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA07-193A -- Apple Releases Security Updates for QuickTime
To: technical-alerts em us-cert.gov
Date: Thu, 12 Jul 2007 14:02:36 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-193A

Apple Releases Security Updates for QuickTime

Original release date: July 12, 2007
Last revised: --
Source: US-CERT

Systems Affected

Apple QuickTime on systems running

* Apple Mac OS X
* Microsoft Windows

Overview

Apple QuickTime contains multiple vulnerabilities.
Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

I. Description

Apple QuickTime 7.2 resolves multiple vulnerabilities in the way Java applets and various types of media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted Java applet or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page.

Note that QuickTime ships with Apple iTunes.

For more information, please refer to the Vulnerability Notes Database.

II. Impact

These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition. For further information, please see the Vulnerability Notes Database.

III. Solution

Upgrade QuickTime

Upgrade to QuickTime 7.2. This and other updates for Mac OS X are available via Apple Update.

On Microsoft Windows, QuickTime users can install the update by using the built-in auto-update mechanism, Apple Software Update, or by installing the update manually.

Disable QuickTime in your web browser

An attacker may be able to exploit some of these vulnerabilities by persuading a user to access a specially crafted media file with a web browser. Disabling QuickTime in your web browser may defend against this attack vector. For more information, refer to the Securing Your Web Browser document.

Disable Java in your web browser

An attacker may be able to exploit some of these vulnerabilities by persuading a user to access a specially crafted Java applet with a web browser. Disabling Java in your web browser may defend against this attack vector. Instructions for disabling Java can be found in the Securing Your Web Browser document.

References

* Vulnerability Notes for QuickTime 7.2 -
* About the security content of the QuickTime 7.2 Update -
* How to tell if Software Update for Windows is working correctly when no updates are available -
* Apple QuickTime 7.2 for Windows -
* Apple QuickTime 7.2 for Mac -
* Standalone Apple QuickTime Player -
* Mac OS X: Updating your software -
* Securing Your Web Browser -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA07-193A Feedback VU#582681" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use:

____________________________________________________________________

Revision History

Thursday July 12, 2007: Initial release

----- End forwarded message -----

From security em unicamp.br Mon Jul 23 11:41:09 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 23 Jul 2007 11:41:09 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA07-199A -- Mozilla Updates for Multiple Vulnerabilities
Message-ID: <20070723144109.GD31808@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA07-199A -- Mozilla Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Wed, 18 Jul 2007 16:27:47 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-199A

Mozilla Updates for Multiple Vulnerabilities

Original release date: July 18, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Mozilla Firefox
* Mozilla Thunderbird

Other products based on Mozilla components may also be affected.

Overview

The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.

I. Description

Mozilla has released new versions of Firefox and Thunderbird to address several vulnerabilities. Further details about these vulnerabilities are available from Mozilla and the Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to view a specially-crafted HTML document, such as a web page or an HTML email message.

II. Impact

While the impacts of the individual vulnerabilities vary, the most severe could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service or obtain private information.

III. Solution

Upgrade

These vulnerabilities are addressed in Mozilla Firefox 2.0.0.5 and Thunderbird 2.0.0.5.

Disable JavaScript

Some of these vulnerabilities can be mitigated by disabling JavaScript or using the NoScript extension. For more information about configuring Firefox, please see the Securing Your Web Browser document. Thunderbird disables JavaScript and Java by default.

IV. References

* US-CERT Vulnerability Notes -
* Securing Your Web Browser -
* Mozilla Foundation Security Advisories -
* Known Vulnerabilities in Mozilla Products -
* Mozilla Hall of Fame -
* NoScript Firefox Extension -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA07-199A Feedback VU#143297" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use:

_________________________________________________________________

Revision History

July 18, 2007: Initial release

----- End forwarded message -----

From security em unicamp.br Mon Jul 23 11:43:49 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 23 Jul 2007 11:43:49 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA07-200A -- Oracle Releases Patches for Multiple Vulnerabilities
Message-ID: <20070723144348.GE31808@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA07-200A -- Oracle Releases Patches for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Thu, 19 Jul 2007 16:40:54 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-200A

Oracle Releases Patches for Multiple Vulnerabilities

Original release date: July 19, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Oracle Database
* Oracle Application Server
* Oracle Collaboration Suite
* Oracle E-Business Suite and Applications
* Oracle PeopleSoft Enterprise and JD EnterpriseOne

For more detailed information regarding affected product versions, refer to the Oracle Critical Patch Update - July 2007.

Overview

Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

I. Description

Oracle has released the Critical Patch Update - July 2007. According to Oracle, this Critical Patch Update (CPU) includes the following new security fixes:

* 17 for the Oracle Databases
* 1 for Oracle Internet Directory
* 1 for Oracle Application Express
* 4 for the Oracle Application Server
* 1 for Oracle Collaboration Suite
* 14 for the Oracle E-Business Suite
* 3 for Oracle PeopleSoft Enterprise PeopleTools
* 2 for PeopleSoft Enterprise Customer Relationship Management
* 2 for PeopleSoft Enterprise Human Capital Management

Many Oracle products include or share code with other vulnerable Oracle products and components. Therefore, one vulnerability may affect multiple Oracle products and components. Refer to the July 2007 CPU for details regarding which vulnerabilities affect specific Oracle products and components.

For a list of publicly known vulnerabilities addressed in the July 2007 CPU, refer to the Map of Public Vulnerability to Advisory/Alert.
The July 2007 CPU does not associate Vuln# identifiers (e.g., DB01) with other available information, even in the Map of Public Vulnerability to Advisory/Alert document. As more details about vulnerabilities and remediation strategies become available, we will update the individual vulnerability notes.

II. Impact

The impact of these vulnerabilities varies depending on the product, component, and configuration of the system. Potential consequences include remote execution of arbitrary code or commands, sensitive information disclosure, and denial of service. Vulnerable components may be available to unauthenticated, remote attackers. An attacker who compromises an Oracle database may be able to gain access to sensitive information or take complete control of the host system.

III. Solution

Apply patches from Oracle

Apply the appropriate patches or upgrade as specified in the Critical Patch Update - July 2007. Note that this Critical Patch Update only lists newly corrected vulnerabilities.

As noted in the update, some patches are cumulative, others are not. Oracle E-Business Suite and Applications patches are not cumulative, so E-Business Suite and Applications customers should refer to previous Critical Patch Updates to identify previous fixes they want to apply.

Vulnerabilities described in the July 2007 CPU may affect Oracle Database 10g Express Edition (XE). According to Oracle, Oracle Database XE is based on the Oracle Database 10g Release 2 code.

Known issues with Oracle patches are documented in the pre-installation notes and patch readme files. Please consult these documents and test before making changes to production systems.

IV. References

* US-CERT Vulnerability Notes Related to Critical Patch Update - July 2007 -
* Critical Patch Update - July 2007 -
* Critical Patch Updates and Security Alerts -
* Map of Public Vulnerability to Advisory/Alert -
* Oracle Database Security Checklist (PDF) -
* Critical Patch Update Implementation Best Practices (PDF) -
* Oracle Database 10g Express Edition -
* Details Oracle Critical Patch Update July 2007 -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA07-200A Feedback VU#322460" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.
Terms of use:

_________________________________________________________________

Revision History

July 19, 2007: Initial release

----- End forwarded message -----

From security em unicamp.br Thu Jul 26 08:57:43 2007
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Thu, 26 Jul 2007 08:57:43 -0300
Subject: [SECURITY-L] [S] BIND cache poisoning vulnerability details released
Message-ID: <20070726115738.GA39338@unicamp.br>

Date: Wed, 25 Jul 2007 19:36:11 -0300
From: Nelson Murilo
To: seguranca em pangeia.com.br
Subject: [S] BIND cache poisoning vulnerability details released

[http://isc.sans.org/diary.html?storyid=3181]

BIND cache poisoning vulnerability details released

Published: 2007-07-24, Last Updated: 2007-07-24 12:14:41 UTC
by Johannes Ullrich (Version: 1)

Amit Klein wrote about a paper he just released with details about a BIND 9 cache poisoning issue. This is one of the problems addressed by the latest version of BIND 9.

The very brief summary: BIND prior to version 9.4.1-P1 did not use a strong algorithm to create DNS transaction IDs. As a result, one can derive the next transaction ID BIND will use by knowing the last few transaction IDs. In this case, up to 15 queries are used. Once the attacker knows the "state" of the target's BIND install, it is possible to forge a response.

DNS uses UDP by default. Each query sent by the DNS server includes a random transaction ID.
The server responding to the query will include this transaction ID so the querying DNS server knows what query is answered by this particular response. BIND always uses the same source port for its queries.

The attack appears to be quite feasible. Probably the main difficulty will be to get the spoofed packet routed. But unless the attacker's network implements strict egress filtering, this is very much a feasible attack. Best to patch your BIND server soon.

CVE: CVE-2007-2926

Versions affected:

BIND 9.0 (all versions)
BIND 9.1 (all versions)
BIND 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7, 9.2.8
BIND 9.3.0, 9.3.1, 9.3.2, 9.3.3, 9.3.4
BIND 9.4.0, 9.4.1
BIND 9.5.0a1, 9.5.0a2, 9.5.0a3, 9.5.0a4, 9.5.0a5

Not vulnerable:

BIND 9.2.8-P1, BIND 9.3.4-P1, BIND 9.4.1-P1 or BIND 9.5.0a6

For details, see www.trusteer.com/docs/bind9dns.html

ISC.org link: www.isc.org/index.pl?/ws/bind/bind-security.php

----- End forwarded message -----
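
Added example (not part of the forwarded diary entry and not BIND's code): a small Python model of the response matching the diary describes, showing which fields of a UDP reply a resolver compares against its outstanding query. The server address 192.0.2.53, source port 32768, the pending-query record and all function names are constructed for illustration.

```python
import secrets
import struct

HEADER = struct.Struct("!HHHHHH")  # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
QR_RESPONSE = 0x8000               # top bit of the flags word marks a response


def encode_question(name, qtype=1, qclass=1):
    """Question entry: length-prefixed labels, root label, QTYPE, QCLASS."""
    labels = [part.encode("ascii") for part in name.rstrip(".").split(".")]
    wire = b"".join(bytes([len(part)]) + part for part in labels) + b"\x00"
    return wire + struct.pack("!HH", qtype, qclass)


def build_query(name):
    """Return (txid, wire) for a recursive query; the ID comes from a CSPRNG."""
    txid = secrets.randbelow(1 << 16)
    return txid, HEADER.pack(txid, 0x0100, 1, 0, 0, 0) + encode_question(name)


def parse_message(wire):
    """Return (txid, is_response, question_bytes); raise ValueError if malformed."""
    if len(wire) < HEADER.size:
        raise ValueError("truncated header")
    txid, flags, qdcount, _an, _ns, _ar = HEADER.unpack_from(wire)
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    pos = HEADER.size
    while True:  # walk the labels up to and including the root label
        if pos >= len(wire):
            raise ValueError("truncated name")
        length = wire[pos]
        if length > 63:
            raise ValueError("compressed or invalid label in question")
        pos += 1 + length
        if length == 0:
            break
    end = pos + 4  # QTYPE and QCLASS follow the name
    if end > len(wire):
        raise ValueError("truncated question")
    return txid, bool(flags & QR_RESPONSE), wire[HEADER.size:end]


def accept_response(pending, wire, src, dst_port):
    """True only if the datagram matches the outstanding query in every field."""
    try:
        txid, is_response, question = parse_message(wire)
    except ValueError:
        return False
    return (is_response
            and src == pending["server"]          # sender is the server we asked
            and dst_port == pending["src_port"]   # arrived on our query's source port
            and txid == pending["txid"]           # echoes our transaction ID
            and question == pending["question"])  # answers the question we asked


def demo():
    server, src_port = ("192.0.2.53", 53), 32768  # constructed sample values
    txid, query = build_query("www.example.com")
    question = query[HEADER.size:]
    pending = dict(txid=txid, server=server, src_port=src_port, question=question)
    genuine = HEADER.pack(txid, 0x8180, 1, 0, 0, 0) + question
    wrong_id = HEADER.pack(txid ^ 1, 0x8180, 1, 0, 0, 0) + question
    return {
        "genuine": accept_response(pending, genuine, server, src_port),
        "wrong_id": accept_response(pending, wrong_id, server, src_port),
        "wrong_port": accept_response(pending, genuine, server, src_port + 1),
        "not_a_response": accept_response(pending, query, server, src_port),
        "truncated": accept_response(pending, genuine[:10], server, src_port),
    }


if __name__ == "__main__":
    print(demo())
```

With a fixed source port, the 16-bit transaction ID is the only one of these checks whose value is not known in advance to someone who cannot see the query, which is why the diary treats predictable IDs as sufficient to forge a response.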