AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-03-26T05:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-03-26T00:00:00
Link: CVE-2005-0868
JSON object: View
NVD Information
Status : Modified
Published: 2005-05-02T04:00:00.000
Modified: 2016-10-18T03:15:10.260
Link: CVE-2005-0868
JSON object: View
Redhat Information
No data.
CWE