A cross-scripting vulnerability has been found in IMP/HORDE that could allow attackers to send an e-mail message with a malformed URL. This malicious URL could be used to open the current mail session to attackers, allowing them to read and delete e-mail on the affected machine.
Caldera OpenLinux 3.1 Server users can download an update from:ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS