Michael P. Soulier wrote: > > Such things are harmless, if inappropriate to this list. Lets not > forget however, that Mutt recently was found to be susceptible to a > buffer overflow that could be spread through an email, no? Thankfully > it was quickly patched, and thanks to Debian, I had it upgraded before > I knew about the exploit. Was that exploit as dangerous as recent MS > Lookout! virii? Just curious.
the buffer overflow IIRC was something that was VERY unlikely to result in an actual exploit (read me's email to the list on the subject in the archives); not only that, but it would only result in the privileges of the user running mutt (hint... don't read email as root!). i think there's a big difference between a gaping security hole, and a vulnerability which most likely would be difficult to exploit in actual practice. w
