It was discovered that in zonecheck, a tool to check DNS configurations, the CGI does not perform sufficient sanitation of user input; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. For the stable distribution , this problem has been fixed in version 2.0.4-13lenny1. For the testing distribution , this problem has been fixed in version 2.1.1-1. For the testing distribution , this problem has been fixed in version 2.1.1-1. We recommend that you upgrade your zonecheck packages.