Scientific Linux Security Update : xterm on SL3.x, SL4.x, SL5.x i386/x86_64
High Nessus Plugin ID 60516
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionA flaw was found in the xterm handling of Device Control Request Status String (DECRQSS) escape sequences. An attacker could create a malicious text file (or log entry, if unfiltered) that could run arbitrary commands if read by a victim inside an xterm window.
SolutionUpdate the affected xterm package.