Thanks, Timo, and thanks for submitting the original bug as well.
This bug allows applications and unscreened terminal input (run or
"catted" by the user) to DOS the mosh-server (also run by the user).
It also allowed the mosh-server process (invoked by the user but
resident on a remote host and n
Package: mosh
Version: 1.2-1
Severity: important
Tags: security
I submitted details upstream at
https://github.com/keithw/mosh/issues/271
but here's also a copy:
> The commands
>
> echo -en "\e[2147483647L"
> echo -en "\e[2147483647M"
> echo -en "\e[2147483647@"
> echo -en "\e[2147483647P"
>
2 matches
Mail list logo
