Synopsis :

The remote Debian host is missing a security-related update.

Description :

Byrial Jensen discovered a couple of off-by-one buffer overflow in the
IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME,
GPG, PGP and threading. This problem could potentially allow a remote
malicious IMAP server to cause a denial of service (crash) and
possibly execute arbitrary code via a specially crafted mail folder.

See also :

http://www.debian.org/security/2003/dsa-274

Solution :

Upgrade the mutt package.

For the stable distribution (woody) this problem has been fixed in
version 1.3.28-2.2.

The old stable distribution (potato) is also affected by this problem
and an update will follow.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:ND)
Public Exploit Available : false