CVE-2012-2385

mosh < 1.2.1 - Authenticated Denial of Service via Escape Sequence with Large Repeat Count

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2385. PoCs published by Timo Juhani Lindfors.

AI-analyzed exploit summary This exploit triggers a denial-of-service condition in Mosh by sending malformed terminal escape sequences with excessively large values. The sequences cause the application to crash or enter an endless loop.

Description

The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Timo Juhani Lindfors · textdoslinux

https://www.exploit-db.com/exploits/37306

View Code ZIP pw:eip

This exploit triggers a denial-of-service condition in Mosh by sending malformed terminal escape sequences with excessively large values. The sequences cause the application to crash or enter an endless loop.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mosh (Mobile Shell) versions prior to the fix for CVE-2012-2385

No auth needed

Prerequisites: Network access to a target running vulnerable Mosh

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11

Core References

Patch x_refsource_confirm

https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e

View Patch ZIP pw:eip

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/49260

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082766.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082814.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082850.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/53646

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/05/22/9

Issue Tracking x_refsource_confirm

https://github.com/keithw/mosh/issues/271

Issue Tracking x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=823943

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/75779

Various Sources x_refsource_confirm

https://github.com/keithw/mosh/blob/master/ChangeLog

View Writeup ZIP pw:eip

Scores

EPSS 0.1093

EPSS Percentile 95.3%

Details

CWE

CWE-399

Status published

Products (10)

keith_winstein/mosh 0.98c

keith_winstein/mosh 1.0

keith_winstein/mosh 1.1

keith_winstein/mosh 1.1.1

keith_winstein/mosh 1.1.2

keith_winstein/mosh 1.1.3

keith_winstein/mosh 1.1.3-1

keith_winstein/mosh 1.1.3-2

keith_winstein/mosh 1.2

keith_winstein/mosh < 1.2-2

Published Jun 29, 2012

Tracked Since Feb 18, 2026