Ubuntu 5.04 / 5.10 / 6.06 LTS : mutt vulnerability (USN-307-1)
High Nessus Plugin ID 27882
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionTAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently check the validity of namespace strings. If an user connects to a malicious IMAP server, that server could exploit this to crash mutt or even execute arbitrary code with the privileges of the mutt user.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected mutt package.