The remote host is missing an update to xterm announced via advisory FEDORA-2009-0091.

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update xterm' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0091

Update Information: This update fixes the following security issue: CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071. ChangeLog: * Tue Jan 6 2009 Miroslav Lichvar 238-1 - update to 238 (#479000, CVE-2008-2383) - set default values of allowWindowOps and allowFontOps resources to false

• https://bugzilla.redhat.com/show_bug.cgi?id=479000

---

Updated on 2015-03-25