{"id":"AZL-37051","summary":"CVE-2005-0868 affecting package tn5250 0.17.6-4","details":"AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.","modified":"2026-04-21T04:28:06.635085Z","published":"2005-05-02T04:00:00Z","upstream":["CVE-2005-0868"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0868"}],"affected":[{"package":{"name":"tn5250","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/tn5250"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"0.17.6-4"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37051.json"}}],"schema_version":"1.7.5"}