There’s a new BIND exploit that has been found allowing the possibility of the cache to be poisoned remotely, see here http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022.
We’ve updated our Slackware servers but as of yet there are no updates for Debian 4.0 which we have virtualmin installed on.
Chris