CVE-2005-0868

Name of the Vulnerable Software and Affected Versions AS/400 Telnet 5250 terminal emulation clients versions (affected versions not specified)

Description The issue allows malicious AS/400 servers to execute arbitrary commands on clients using a specific sequence of commands, including STRPCO (Start PC Organizer) followed by STRPCCMD (Start PC command). This can be exploited to create a backdoor account, for example, using REXEC.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.