Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0868

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0868
Last Modified 05 Sep 2008 04:47:33
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0868

Summary

AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.

Vulnerable Systems

Application

  • Bosanova Launcher400

  • Ibm Client Access

  • Mochasoft Tn5250

  • Powerterm Interconnect


References

MISC - http://www.venera.com/downloads/Attack_5250_terminal_emulations_from_iSeries_server.pdf

BUGTRAQ - 20050323 Backdoors in AS/400 emulations allow the server to attack connected PC workstations


Last Updated: 27 May 2016 10:39:58