This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
A vulnerability has been discovered in xterm, which can be exploited
by malicious people to compromise a user's system. The vulnerability
is caused due to xterm not properly processing the DECRQSS Device
Control Request Status String escape sequence. This can be exploited
to inject and execute arbitrary shell commands by e.g. tricking a user
into displaying a malicious text file containing a specially crafted
escape sequence via the more command in xterm (CVE-2008-2383).
The updated packages have been patched to prevent this.
Update the affected xterm package.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true