COMMAND

    mutt

SYSTEMS AFFECTED

    Systems with mutt

PROBLEM

    Paul Boehm found following.   All (newer??) versions of mutt  have
    got an overflowable buffer in parse.c.  When sending an  specially
    formated Content-Type in the header you can, when putting  special
    purpose  shellcode  that  doesn't  contain  any  / ; \n and spaces
    execute arbitary  code on  the mutt  running user's  system.   The
    overflows occurs when opening the mailbox containing the malicious
    email.  So, you don't even have to view that "evil" email for this
    to work.

SOLUTION

    The primary distribution points (with fixed version):

        ftp://ftp.guug.de/pub/mutt/
        ftp://riemann.iam.uni-bonn.de/pub/mutt/