               Release Notes for
       McAfee(R) ePolicy Orchestrator(TM)
                 Version 2.5.1
                    Patch 14
     (C) Copyright 2004 Networks Associates
                Technology, Inc.
              All Rights Reserved


=====================================================

This release was developed and tested with:

ePolicy Orchestrator:2.5.1

Make sure you have installed one of these
versions before using this release.

=====================================================


Thank you for using the ePolicy
Orchestrator(TM) software. This file contains
important information regarding this release.
We strongly recommend that you read the entire
document.

The attached files are provided as is, and with
no warranty either expressed or implied as to
their suitability for any particular use or
purpose. Network Associates, Inc. assumes no
liability for damages incurred either directly
or indirectly as a result of the use of these
files, including but not limited to the loss or
damage of data or systems, loss of business or
revenue, or incidental damages arising from
their use. Patch files should be applied only
on the advice of McAfee Security Technical
Support, and only when you are actually
experiencing the issue being addressed by the
Patch. Patch files should not be proactively
applied in order to prevent potential product
issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement
for product Service Packs which may be released
by Network Associates, Inc. It is a violation
of your software license agreement to
distribute or share these files with any other
person or entity without written permission
from Network Associates, Inc. Further, posting
of McAfee Security Patch files to publicly
available Internet sites is prohibited. Network
Associates, Inc. reserves the right to refuse
distribution of Patch files to any company or
person guilty of unlawful distribution of
McAfee software products. Questions or issues
with McAfee Patch files should be directed to
McAfee Security Technical Support.


_____________________________________________________
WHAT'S IN THIS FILE

-  About This Release
   -  Purpose
   -  Resolved Issues
   -  Additional Resolved Issues
   -  Language Support
   -  Files Included with This Release
-  Installation
   -  Installation Requirements
   -  Installation Steps
   -  Installing the Patch
   -  Securing ePolicy Orchestrator SQL Server
      Logins
   -  Testing Your Installation
   -  Removing This Release
-  Contacting McAfee Security and Network
   Associates
-  Copyright and Trademark Attributions
   -  Trademarks
   -  License Agreement and Attributions


_____________________________________________________
ABOUT THIS RELEASE

PURPOSE

This Patch replaces agent and server files in
ePolicy Orchestrator to resolve the issues
listed below.

RESOLVED ISSUES

1. ISSUE:
   This release addresses the McAfee ePolicy
   Orchestrator Remote Command Execution
   Vulnerability; vulnerability identifier:
   CVE-2004-0038.

   RESOLUTION:
   This vulnerability no longer exists.

ADDITIONAL RESOLVED ISSUES

1. This release addresses the McAfee ePolicy
   Orchestrator HTTP POST Buffer Mismanagement
   Vulnerability.
   Vulnerability identifier: CVE-2004-0095.

2. ePolicy Orchestrator MSDE SA Account
   Compromise -- The default installation of
   MSDE, via ePolicy Orchestrator, configures a
   connection between the ePolicy Orchestrator
   server and MSDE to use an SA account. A
   knowledgeable user could obtain the SA
   password to this account. The ePolicy
   Orchestrator server configuration file,
   encrypted with 3DES, can be obtained by
   issuing a carefully targeted HTTP request to
   the ePolicy Orchestrator server. It is then
   possible to decrypt this file and obtain the
   password by reverse engineering the
   product.
   Vulnerability identifier: CAN-2003-0148

3. ePolicy Orchestrator 2.X Post Parameters
   Heap Overflow -- Sending a POST request to
   the ePolicy Orchestrator agent, where
   parameters in the URL are substituted for a
   large number of A's will cause the service
   to stop responding. A carefully targeted
   request will allow an attacker to overwrite
   arbitrary data and thus execute code.
   Vulnerability identifier: CAN-2003-0149

4. ePolicy Orchestrator 2.X Computerlist Format
   String -- Sending a POST request to the
   ePolicy Orchestrator server, where the
   computerlist parameter contains a few format
   characters, will cause the ePolicy
   Orchestrator server service to stop
   responding when it tries to log a failed
   name resolution. A maliciously constructed
   string containing format string characters
   will allow the execution of arbitrary code.
   Vulnerability identifier: CAN-2003-0616

5. ISSUE:
   When trying to create the event file name of
   NAIFFFF.EVT, the ePolicy Orchestrator agent
   writes the file over and over, causing
   VirusScan to use 100% CPU.

   RESOLUTION:
   The agent now properly writes the file.


6. ISSUE:
   During the agent callback when the version
   number is the same for the property files,
   there was a ##delete## entered into the
   incremental property file, causing the
   properties to be removed from ePolicy
   Orchestrator.

   RESOLUTION:
   The agent no longer enters ##delete## when
   the properties are the same.

7. ISSUE:
   When using the following strings in a
   browser window, the agent displays a Dr.
   Watson message:

      http://<Agent IP Address>:8081/%s%x%n

      http://<Agent IP Address>:8081/%x%s%n

      http://<Agent IP Address>:8081/%.516x

   RESOLUTION:
   The strings no longer cause the message to
   appear.

8. ISSUE:
   Even though the randomization setting was
   enabled, a majority of the agents would
   still synchronize when performing tasks.

   RESOLUTION:
   The agent now has a more varied
   randomization period.

9. ISSUE:
   Under certain circumstances, if the agent
   tried to enforce policies and compile them
   at the same time, policy corruption might
   occur.

   RESOLUTION:
   The agent no longer enforces policies while
   it is compiling.

10.   ISSUE:
   Under certain conditions, NAIMSERV.EXE tries
   to release memory twice, causing an access
   violation error that can cause the server to
   crash.

   RESOLUTION:
   NAIMSERV.EXE no longer releases memory
   twice.

11.   ISSUE:
   A single ADO connection was performing
   multiple database operations at once,
   causing a variety of issues, including
   properties from agents to report
   incorrectly, and the ePolicy Orchestrator
   server to stop responding.

   RESOLUTION:
   Now a single connection performs only one
   database operation at a time. This
   eliminates the issues above and improves
   overall performance.

   ADDITIONAL INFORMATION:
   The agent wakeup call now includes a "Get
   full Props" option, which requests complete
   properties.


12.   ISSUE:
   If the public key data for the ePolicy
   Orchestrator server was not entered into the
   database the first time the agent sent it to
   the server, the message "Invalid Server
   Public Key...Package ignored from
   <COMPUTER_NAME>" was saved in SERVER.LOG at
   every agent-to-server-communication interval
   (ASCI). When this situation occurred, the
   server would no longer accept data from the
   agent.

   RESOLUTION:
   The server now checks the size of the key
   and, if it is empty, requests that the agent
   resend it.

13.   ISSUE
   "Failed to enforce policies" and "Failed to
   get properties" messages were incorrectly
   reported in the "Server Event Viewer" and
   the following events (alerts) were
   incorrectly saved in the ePolicy
   Orchestrator database even though policy and
   task enforcement and properties collection
   completed successfully.

   2232 -- ePolicy Orchestrator Agent: Enforce
   Policy Failed

   2264 -- ePolicy Orchestrator Agent: Property
   Collection Failed

   2328 -- ePolicy Orchestrator Agent: Enforce
   Task Failed

   RESOLUTION:
   These incorrect messages are no longer
   reported in the "Server Event Viewer."
   Although, the incorrect events are still
   generated, you can now filter them so that
   they are no longer collected.

   ADDITIONAL INFORMATION:
   To filter these events, do the following:

   1. Log on to the desired ePolicy
      Orchestrator database server using "ePO
      authentication" and a global
      administrator account.

   2. In the console tree under "ePO Reports,"
      "ePO Databases," <DATABASE_SERVER>, click
      "Alerts." The "Alerts" dialog box appears
      in the details pane.

   3. On the "Filtering" tab, deselect the
      checkboxes that correspond to events
      2232, 2264, and 2328.

   4. Click "Apply." Beginning at the next
      agent-to-server communication interval
      (ASCI), these events will no longer be
      collected. Events that are already in the
      database are not affected.

14.   ISSUE:
   If an ePolicy Orchestrator server was using
   two network cards and, thus, two IP
   addresses (for example, using one network
   card for a remote SQL Server database and
   another for the managed network), the first
   binding IP address was always used for
   agent-to-server communication. If this IP
   address wasn't associated with the network
   card being used for the managed network,
   agents were unable to communicate with the
   server.

   RESOLUTION:
   Now, if a value is defined for
   "ServerIPAddress=" in SERVER.INI, agents use
   it to connect to the server. Otherwise, the
   first binding IP address is used.

   ADDITIONAL INFORMATION:
   To specify an IP address in SERVER.INI, do
   the following:

   1. In a text editor, open SERVER.INI. This
      file is located in the DB folder in the
      installation directory. The default
      installation directory is:

      C:\PROGRAM FILES\MCAFEE\EPO\2.0

   2. Type the following line in SERVER.INI,
      then save the file:

      SERVERIPADDRESS=<IP_ADDRESS>

   3. In the "Service" dialog box, select the
      "McAfee ePolicy Orchestrator 2.5.1
      Server" service, click "Stop," then click
      "Start" to restart the service.

   4. Deploy the agent or SITEINFO.INI to
      affected client computers.

15.   ISSUE:
   If agents sent an empty event file to the
   ePolicy Orchestrator server, server might
   stop responding.

   RESOLUTION:
   The server now ignores empty event files and
   logs a message in SERVER.LOG.

16.   ISSUE:
   A SELECT statement was used after events
   were added to the database. This statement
   slowed down server performance
   unnecessarily.

   RESOLUTION:
   A SELECT statement is no longer used.

17.   ISSUE:
   The virus definition (DAT) file version
   number for the Nimda Scanner (5000) was
   being prefilled in the "Current Protection
   Standards" dialog box and was causing DAT
   files to be reported as out-of-date. This
   dialog box appears when you run the
   "DAT/Definition Deployment Summary," "DAT
   Engine Coverage," or "Engine Deployment
   Summary" reports.

   RESOLUTION:
   The DAT version number is no longer
   prefilled in the "Current Protection
   Standards" dialog box.


LANGUAGE SUPPORT

This release supports all language versions of
the ePolicy Orchestrator software.


FILES INCLUDED WITH THIS RELEASE

This release consists of a package called
EPO25114.ZIP, which contains the following
files:

   EPO25114.EXE =
      Setup program

   EPOSQLSEC.SQL =
      SQL script

   PACKING.LST =
      List of Patch files

   PATCH14.TXT =
      This text file


_____________________________________________________
INSTALLATION

INSTALLATION REQUIREMENTS

To use this release, you must have ePolicy
Orchestrator 2.5.1 software installed on the
ePolicy Orchestrator server that you intend to
update with this release.

   NOTE:
   This release does not work with earlier
   versions of the ePolicy Orchestrator
   software.


INSTALLATION STEPS

1. Create a temporary folder on the hard drive
   of the ePolicy Orchestrator server.

2. Extract the EPO25114.ZIP file to the
   temporary folder that you created in Step
   1.


INSTALLING THE PATCH

      WARNING
      Close the Windows Services dialog box to
      avoid installation issues.

1. Back up ePolicy Orchestrator databases.

   If you are using Microsoft SQL Server as the
   ePolicy Orchestrator database, see the SQL
   Server product documentation.

   If you are using Microsoft Data Engine
   (MSDE) as the ePolicy Orchestrator database,
   you can use the Database Backup Utility
   (DBBAK.EXE) to back up ePolicy Orchestrator
   MSDE databases on the database server. For
   instructions, see "Backing up ePolicy
   Orchestrator MSDE databases" in the ePolicy
   Orchestrator 3.0 Product Guide.

2. Log on to the desired computer using a user
   account with local administrator
   permissions.

3. Close all ePolicy Orchestrator consoles.

4. On the taskbar, click the "Start" button,
   then point to "Run." The "Run" dialog box
   appears.

5. In "Open," type the path where the Setup
   program (EPO25114.EXE) is located, then
   click "OK." The "ePolicy Orchestrator 2.x
   Patch 14 Setup" wizard appears.

6. Click "Next" to begin the installation.

7. Click "Finish" to complete the
   installation.

8. In the "Services" dialog box, select the
   "NAI ePolicy Orchestrator 2.5.1 Server"
   service and edit the service to change the
   account back to the original setting. For
   example, if you specified a domain
   administrator account during the initial
   installation, you need to provide that
   account information again. The account is
   not automatically restored.


SECURING EPOLICY ORCHESTRATOR SQL SERVER
LOGINS

If you installed MSDE as part of the ePolicy
Orchestrator installation, you need to complete
these steps if you are using SQL
authentication.

1. In a text editor, open the EPOSQLSEC.SQL
   file from the temporary folder you created
   in Step 1 of "Installation Steps." It
   contains these lines:

   EXEC sp_addlogin
      '<new_login_name>',
      '<password>',
      '<database_name>'

   EXEC sp_grantdbaccess '<new_login_name>'

   EXEC sp_addrolemember
      'db_owner',
      '<new_login_name>'

2. Replace the <new_login_name> variable with a
   user name for a new SQL Server user account
   (login). This variable appears three times.

3. Replace the <password> variable with a
   password for the new user account. This
   variable appears once.

4. Replace the <database_name> variable with
   the name of the ePolicy Orchestrator
   database. The default database name is
   EPO_<SERVER>, where <SERVER> is the name of
   the ePolicy Orchestrator server. This
   variable appears once.

   For example, if the user name is EPODBO, the
   password is T2M0912, and the database name
   is ePO_MANAGE, the resulting file would be:

   EXEC sp_addlogin
      'EPODBO',
      'T2M0912',
      'ePO_MANAGE'

   EXEC sp_grantdbaccess 'EPODBO'

   EXEC sp_addrolemember
      'db_owner',
      'EPODBO'

5. Save the file.

6. At the command prompt, run the following
   command:

      NOTE
      This command is case-sensitive.

      OSQL -d<database_name> -U<account_with_sa_privileges> -P<password>
      -i<path>EPOSQLSEC.SQL

   Where <database_name> is the name of the
   ePolicy Orchestrator database. The default
   database name is EPO_<SERVER>, where
   <SERVER> is the name of the ePolicy
   Orchestrator server.

   And where <account_with_sa_privileges> and
   <password> are the user name and password of
   an account with system administrator
   permissions on the database.

   And where <path> is the location of the
   EPOSQLSEC.SQL file.

   For example, if the ePolicy Orchestrator
   database name is ePO_MANAGE, the user name
   is SA, the password is 53cr3t, and the
   EPOSQLSEC.SQL file is in C:\TEMP, the
   resulting command would be:

      OSQL -dePO_MANAGE -USA -P53cr3t -iC:\TEMP\EPOSQLSEC.SQL

7. Start the Server Configuration program
   (CFGNAIMS.EXE). The default location is:

      C:\PROGRAM FILES\MCAFEE\EPO\2.0

8. Click the "Administrator" tab.

9. Select "Use SQL authentication."

10.   In "User name," type the value you
   provided for the <new_login_name> variable
   in Step 3.

11.   In "Password," type the value you
   provided for the <password> variable in Step
   4.

12.   Click "OK."


TESTING YOUR INSTALLATION

As agents communicate to the ePolicy
Orchestrator server, they are automatically
upgraded. If you wish to deploy the Patch
immediately, you must use an agent wakeup call
or deploy the new POAGINST.EXE file with a
software distribution tool.  The new
POAGINST.EXE file created by the installation
process can be located in your ePolicy
Orchestrator installation directory. The
default location is:

      C:\PROGRAM FILES\MCAFEE\EPO\2.0\DB\SOFTWARE\
      EPOAGENT2000\2.5.1.298\0409\INSTALLFILES\POAGINST.EXE


REMOVING THIS RELEASE

To remove this Patch from your computer,
uninstall, then reinstall ePolicy
Orchestrator.

   NOTE:
   We recommend that you do NOT remove the
   Patch files once you install them. If you
   reinstall the ePolicy Orchestrator software,
   we recommend that you also reinstall the
   Patch.


_____________________________________________________
CONTACTING MCAFEE SECURITY & NETWORK
ASSOCIATES

Technical Support
   Home Page
      http://www.networkassociates.com/us/support/


   KnowledgeBase Search
      https://knowledgemap.nai.com/phpclient/homepage.aspx

   PrimeSupport Service Portal
      http://mysupport.nai.com

      Login credentials required.


McAfee Security Beta Program
   Beta Web Site
      http://www.networkassociates.com/us/downloads/beta/

   E-mail
      avbeta@nai.com


Security Headquarters -- AVERT (Anti-Virus
Emergency Response Team)
   Home Page
      http://www.networkassociates.com/us/security/home.asp

   Virus Information Library
      http://vil.nai.com

   Submit a Virus Sample  AVERT WebImmune
      https://www.webimmune.net/default.asp

   AVERT DAT Notification Service
      http://www.networkassociates.com/us/downloads/updates/


Download Site
   Home Page
      http://www.networkassociates.com/us/downloads/

   DAT File and Engine Updates
      http://www.networkassociates.com/us/downloads/updates/

      ftp://ftp.nai.com/pub/antivirus/datfiles/4.x

   Product Upgrades
      https://secure.nai.com/us/forms/downloads/upgrades/login.asp

      Valid grant number required.
      Contact Network Associates Customer
      Service


Training
   McAfee Security University
      http://www.networkassociates.com/us/services/education/mcafee/university.htm



Network Associates Customer Service
   US, Canada, and Latin America toll-free:
   Phone:   +1-888-VIRUS NO or +1-888-847-8766
            Monday - Friday, 8 a.m. - 8 p.m.,
            Central Time

   E-mail:  services_corporate_division@nai.com
   Web:     http://www.nai.com/us/index.asp
            http://www.networkassociates.com/us/products/mcafee_security_home.htm

For additional information on contacting
Network Associates and McAfee Security 
including toll-free numbers for other
geographic areas  see the documentation that
accompanied your original product release.


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

 2004 Networks Associates Technology, Inc. All
Rights Reserved. No part of this publication
may be reproduced, transmitted, transcribed,
stored in a retrieval system, or translated
into any language in any form or by any means
without the written permission of Networks
Associates Technology, Inc., or its suppliers
or affiliate companies. To obtain this
permission, write to the attention of the
Network Associates legal department at: 5000
Headquarters Drive, Plano, Texas 75024, or call
+1-972- 963-8000.


TRADEMARKS

Active Firewall, Active Security, Active
Security (in Katakana), ActiveHelp,
ActiveShield, AntiVirus Anyware and design,
Appera, AVERT, Bomb Shelter, Certified Network
Expert, Clean-Up, CleanUp Wizard, ClickNet,
CNX, CNX Certification Certified Network Expert
and design, Covert, Design (stylized N), Disk
Minder, Distributed Sniffer System, Distributed
Sniffer System (in Katakana), Dr Solomons, Dr
Solomons label, E and Design, Entercept,
Enterprise SecureCast, Enterprise SecureCast
(in Katakana), ePolicy Orchestrator, Event
Orchestrator (in Katakana), EZ SetUp, First
Aid, ForceField, GMT, GroupShield, GroupShield
(in Katakana), Guard Dog, HelpDesk, HelpDesk
IQ, HomeGuard, Hunter, Impermia, InfiniStream,
Intrusion Prevention Through Innovation,
IntruShield, IntruVert Networks, LANGuru,
LANGuru (in Katakana), M and design, Magic
Solutions, Magic Solutions (in Katakana), Magic
University, MagicSpy, MagicTree, McAfee, McAfee
(in Katakana), McAfee and design, McAfee.com,
MultiMedia Cloaking, NA Network Associates, Net
Tools, Net Tools (in Katakana), NetAsyst,
NetCrypto, NetOctopus, NetScan, NetShield,
NetStalker, Network Associates, Network
Performance Orchestrator, Network Policy
Orchestrator, NetXray, NotesGuard, nPO, Nuts &
Bolts, Oil Change, PC Medic, PCNotary,
PortalShield, Powered by SpamAssassin,
PrimeSupport, Recoverkey, Recoverkey 
International, Registry Wizard, Remote Desktop,
ReportMagic, RingFence, Router PM, Safe &
Sound, SalesMagic, SecureCast, SecureSelect,
Service Level Manager, ServiceMagic, SmartDesk,
Sniffer, Sniffer (in Hangul), SpamKiller,
SpamAssassin, Stalker, SupportMagic,
ThreatScan, TIS, TMEG, Total Network Security,
Total Network Visibility, Total Network
Visibility (in Katakana), Total Service Desk,
Total Virus Defense, Trusted Mail, UnInstaller,
VIDS, Virex, Virus Forum, ViruScan, VirusScan,
WebScan, WebShield, WebShield (in Katakana),
WebSniffer, WebStalker, WebWall, What's The
State Of Your IDS?, Whos Watching Your
Network, WinGauge, Your E-Business Defender,
ZAC 2000, Zip Manager are registered trademarks
or trademarks of Network Associates, Inc.
and/or its affiliates in the US and/or other
countries. Sniffer brand products are made
only by Network Associates, Inc. All other
registered and unregistered trademarks in this
document are the sole property of their
respective owners.


LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE
APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO
THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE
GENERAL TERMS AND CONDITIONS FOR THE USE OF THE
LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH
TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE
CONSULT THE SALES AND OTHER RELATED LICENSE
GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU
HAVE RECEIVED SEPARATELY AS PART OF THE
PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT
CD, OR A FILE AVAILABLE ON THE WEB SITE FROM
WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF
YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH
IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE.
IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO
NETWORK ASSOCIATES, INC. OR THE PLACE OF
PURCHASE FOR A FULL REFUND.


Attributions

This product includes or may include:

-   Software developed by the OpenSSL Project
for
use in the OpenSSL Toolkit
(http://www.openssl.org/).

-   Cryptographic software written by Eric
Young and
software written by Tim J. Hudson.

-   Some software programs that are licensed
(or
sublicensed) to the user under the GNU General
Public License (GPL) or other similar Free
Software licenses which, among other rights,
permit the user to copy, modify and
redistribute
certain programs, or portions thereof, and
have
access to the source code.  The GPL requires
that for any software covered under the GPL
which is distributed to someone in an
executable
binary format, that the source code also be
made
available to those users.  For any such
software
covered under the GPL, the source code is made
available on this CD.  If any Free Software
licenses require that Network Associates
provide
rights to use, copy or modify a software
program
that are broader than the rights granted in
this
agreement, then such rights shall take
precedence over the rights and restrictions
herein.

-   Software originally written by Henry
Spencer,
Copyright 1992, 1993, 1994, 1997 Henry
Spencer.

-   Software originally written by Robert
Nordier,
Copyright (C) 1996-7 Robert Nordier. All
rights
reserved.

-   Software written by Douglas W. Sauder.

-   Software developed by the Apache Software
Foundation (http://www.apache.org/).

-   International Components for Unicode
("ICU")
Copyright (C) 1995-2002 International Business
Machines Corporation and others. All rights
reserved.

-   Software developed by CrystalClear
Software,
Inc., Copyright (C) 2000 CrystalClear
Software,
Inc.

-   FEAD(R) Optimizer(R) technology, Copyright
Netopsystems AG, Berlin, Germany.

-   Outside In(R) Viewer Technology (C)
1992-2001
Stellent Chicago, Inc. and/or Outside In(R)
HTML
Export, (C) 2001 Stellent Chicago, Inc.

-   Software copyrighted by Thai Open Source
Software Center Ltd. and Clark Cooper, (C)
1998,
1999, 2000.

-   Software copyrighted by Expat maintainers.

-   Software copyrighted by The Regents of the
University of California, (C) 1989.

-   Software copyrighted by Gunnar Ritter.

-   Software copyrighted by Sun
Microsystems(C),
Inc.

-   Software copyrighted by Gisle Aas. All
rights
reserved, (C) 1995-2003.

-   Software copyrighted by Michael A. Chase,
(C)
1999-2000.

-   Software copyrighted by Neil Winton, (C)
1995-1996.

-   Software copyrighted by RSA Data Security,
Inc.,
(C) 1990-1992.

-   Software copyrighted by Sean M. Burke, (C)
1999,
2000.

-   Software copyrighted by Martijn Koster,
(C)
1995.

-   Software copyrighted by Brad Appleton, (C)
1996-1999.

-   Software copyrighted by Michael G. Schwern,
(C)
2001.

-   Software copyrighted by Graham Barr, (C)
1998.

-   Software copyrighted by Larry Wall and
Clark
Cooper, (C) 1998-2000.

-   Software copyrighted by Frodo Looijaard,
(C)
1997.


DBN 006-ENG
