Linux Mutt in the dog house

A vulnerability has been exposed in Mutt, one of the most popular Linux email clients, putting users of a number of mainstream Linux distributions at risk.

Linux security mailing lists have this week been warning users about a buffer overflow vulnerability discovered in the popular open source email client. Developers have warned that a remote attacker could exploit the vulnerability.

"By sending a carefully crafted email message to some user, the attacker can exploit this vulnerability and execute arbitrary commands on the user's machine. These commands would be executed with the privileges of the user running the email client," the advisory said.

Ollie Whitehouse, manager of security architecture for @stake, said: "It's not just Microsoft Outlook that suffers from security holes." He added that Mutt has been used since 1996 and vulnerabilities are still being discovered.

Users of the Mutt application, which is included in many mainstream Linux distributions such as Red Hat and Trustix, are advised to apply a patch found at ftp.mutt.org/pub/mutt/, or on the homepage of their Linux distributor.

The original advisory can be found on the Mutt homepage, here.