Hi folks, today I found around the corner a huge XTerm code injection.
DECRQSS Device Control Request Status String “DCS $ q” simply echoes
(responds with) invalid commands.
Exploitability is the same as for the “window title reporting” issue
in DSA-380: include the DCS string in an email message to the victim,
or arrange to have it in syslog to be viewed by root.
So for example:
perl -e ‘print “\eP\$q\netstat\n\e\\”‘ > bla.log
cat bla.log ; would run the “netstat” command.