CVE-2012-2385
published 2012-06-29
CVE-2012-2385: The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape…
Priority: P4 · 18 · medium · 4 (CVSS 2.0)
AV:N/AC:L/Au:S/C:N/I:N/A:P
EXPLOIT
EPSS: 10.93% (95.3th percentile)
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mosh | < mosh 1.2.1-1 (bookworm) | mosh 1.2.1-1 (bookworm) |
| keith_winstein | mosh | <= 1.2-2 | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | — | — |
| keith_winstein | mosh | >= 0 < 1.2.1-1 | 1.2.1-1 |
| keith_winstein | mosh | >= 0 < 1.2.1-1 | 1.2.1-1 |
| keith_winstein | mosh | >= 0 < 1.2.1-1 | 1.2.1-1 |
| keith_winstein | mosh | >= 0 < 1.2.1-1 | 1.2.1-1 |
CVSS provenance
nvd · v2.0 · 4.0 MEDIUM · AV:N/AC:L/Au:S/C:N/I:N/A:P
osv · 4.0 MEDIUM
vendor_debian · 4.0 LOW
GHSA
GHSA-5c6w-jx22-cv5x: The terminal dispatcher in mosh before 1
ghsa_unreviewed·2022-05-17
CVE-2012-2385 [MEDIUM] GHSA-5c6w-jx22-cv5x: The terminal dispatcher in mosh before 1
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
OSV
CVE-2012-2385: The terminal dispatcher in mosh before 1
osv·2012-06-29·CVSS 4.0
CVE-2012-2385 [MEDIUM] CVE-2012-2385: The terminal dispatcher in mosh before 1
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
Debian
CVE-2012-2385: mosh - The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users t...
vendor_debian·2012·CVSS 4.0
CVE-2012-2385 [MEDIUM] CVE-2012-2385: mosh - The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users t...
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
Scope: local
bookworm: resolved (fixed in 1.2.1-1)
bullseye: resolved (fixed in 1.2.1-1)
forky: resolved (fixed in 1.2.1-1)
sid: resolved (fixed in 1.2.1-1)
trixie: resolved (fixed in 1.2.1-1)
No detection rules found.
Bugzilla
CVE-2012-2385 mosh: mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher [epel-all]
bugzilla·2012-06-15·CVSS 4.0
CVE-2012-2385 [MEDIUM] CVE-2012-2385 mosh: mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://a
Bugzilla
CVE-2012-2385 mosh: DoS (excessive CPU use) by processing short ANSI escape sequence
bugzilla·2012-05-22·CVSS 4.0
CVE-2012-2385 [MEDIUM] CVE-2012-2385 mosh: DoS (excessive CPU use) by processing short ANSI escape sequence
CVE Request:
[4] http://www.openwall.com/lists/oss-security/2012/05/22/6
Discussion:
This issue affects the versions of the mosh package, as shipped with Fedora release of 15 and 16. Please schedule an update.
---
Created mosh tracking bugs for this issue
Affects: fedora-all [bug 823950]
---
Added CVE as per http://www.openwall.com/lists/oss-security/2012/05/22/9
---
This bug relates to inefficient processing of some ANSI escape sequences by the Mosh terminal emulator.
An application or mosh-server can send a large value as the "repeat count" of an ANSI escape sequence, causing the mosh-server or mosh-client to spend a lot of CPU time interpreting a short ANSI escape sequence.
Because these app
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082766.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082814.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082850.html
http://secunia.com/advisories/49260
http://www.openwall.com/lists/oss-security/2012/05/22/9
http://www.securityfocus.com/bid/53646
https://bugzilla.redhat.com/show_bug.cgi?id=823943
https://exchange.xforce.ibmcloud.com/vulnerabilities/75779
https://github.com/keithw/mosh/blob/master/ChangeLog
https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e
https://github.com/keithw/mosh/issues/271
Published: 2012-06-29