AZL-37051

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37051.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-37051

Upstream

CVE-2005-0868

Published

2005-05-02T04:00:00Z

Modified

2026-04-21T04:28:06.635085Z

Summary

CVE-2005-0868 affecting package tn5250 0.17.6-4

Details

AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.

References

https://nvd.nist.gov/vuln/detail/CVE-2005-0868

Affected packages

Azure Linux:3 / tn5250

Package

Name: tn5250
Purl: pkg:rpm/azure-linux/tn5250

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

0.17.6-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37051.json"