Port Vulnerability Reference

Last Modification: 07/19/2000
Roses Labs - Advanced Security Research
1999-2000. © http://www.roses-labs.com

  • Introduction

  • Legend

  • Port Table

    • Introduction

    The Port Vulnerability Reference (PVR) is a list of Internet ports (TCP & UDP) with they associated riks. The idea is, when using this table you can determine in a quick and easy way the different attacks you can suffer in case you have some of this port open (Logically you must have some ports open!).

    We feel such a table is a necesity for the security comunity, to be aware of the risks. This table not only show the associated risks, but also the port used by many know backdoors and program that use specific ports.

    Legend

    Just follow the color ;-)

  • Unix.
  • Windows (9x/NT/2000)

  • Both Platforms

    Paranthesis :

  • (Backdoor) The name say everyting.
  • (Prog) Program that use a specific port.


    • Port Table

    20
    FTP-Data
    TCP
  • Posibility of Sniff it.
    • 21
    FTP
    TCP
  • Buffer Overflow
  • Denial Of Service (DoS)

    •
  • Brute Force Attack

    •
  • Intruder Access Point
    		•
    22
    SSH
    TCP
  • Buffer Overflow

  • Brute Force Attack

    •
  • Intruder Access Point
    		•
    23
    Telnet
    TCP

  • Buffer Overflow

    •
  • Denial Of Service (DoS)

    •
  • Brute Force Attack
  • Intruder Access Point

  • Posibility of Sniff it.
    		•
    25
    STMP
    TCP
  • Buffer Overflow

    •
  • Denial Of Service (DoS)

    •
  • Gatering Information

    •
  • Intruder Access Point
    		•
    43
    Ipswitch IMail 5.0 (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    53
    DOMAIN
    TCP/UDP
  • Buffer Overflow

    •
  • Denial Of Service (DoS)

    •
  • Intruder Access Point
    		•
    69
    Trivial FTP
    UDP
  • Intruder Access Point
    		•
    70
    Gopher
    TCP
  • Posibilty of Sniff it
    		•
    79
    Finger
    TCP
  • Gatering Information
    		•
    80
    HTTP
    TCP
  • CGI Attacks
  • Buffer Oveflow

  • Denial Of Service (DoS)

  • Gatering Information

  • Intruder Access Point

  • Posibility of Sniff it.
    		•
    110
    POP3
    TCP
  • Buffer Overflow

    •
  • Denial Of Service (DoS)

    •
  • Brute Force Attack

    •
  • Intruder Access Point
    		•
    137
    NetBios ns
    TCP/UDP
  • Denial Of Service (DoS)
    		•
    138
    NetBios dgm
    TCP/UDP
  • Denial Of Service (DoS)
    		•
    139
    NetBios ssn
    TCP/UDP
  • Denial Of Service (DoS)

    •
  • Brute Force Attack

    •
  • Intruder Access Point

  • Gatering Information
    		•
    149
    IMAP
    TCP
  • Buffer Overflow

  • Intruder Access Point
    • 389
    Ipswitch IMail 5.0 (Prog)
    TCP
  • Buffer Overflow

    •
  • Intruder Access Point
  • Denial of Service (DoS)
    		•
    505
    pbbser (Backdoor)
    TCP
  • Intruder Access Point
    		•
    513
    Rlogin
    TCP
  • Posibility of Sniff it
  • Intruder Access Point
    • 555
    phAse Zero (Backdoor)
    TCP
  • Intruder Access Point
    		•
    1243
    SubSeven (Backdoor)
    TCP
  • Intruder Access Point
    		•
    2080
    Qbik WinGate 3.0 (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    2140
    DeepThroat 1,2 & 3 (Backdoor)
    UDP
  • Intruder Access Point
    		•
    3150
    DeepThroat 1,2 & 3 (Backdoor)
    UDP
  • Intruder Access Point
    		•
    3389
    Microsoft Windows NT Terminal Server
    TCP
  • Denial of Service (DoS)
    		•
    5631
    PCAnywhere32 (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    6000
    X Server
    TCP
  • Posibility of Sniff it
  • Intruder Access Point
    • 6549
    APC PowerChute PLUS (Prog)
    UDP
  • Denial of Service (DoS)
    		•
    6969
    GateCrasher 1.2 (Backdoor)
    TCP
  • Intruder Access Point
    		•
    8080
    HTTP
    TCP
  • CGI Attacks

  • Buffer Overflow

  • Denial Of Service (DoS)

  • Gatering Information

  • Intruder Access Point
    • 8181
    Ipswitch IMail 5.0 (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    8383
    Ipswitch IMail 5.0 (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    10067
    Portal of Doom (Backdoor)
    UDP
  • Intruder Access Point
    		•
    10167
    Portal of Doom (Backdoor)
    UDP
  • Intruder Access Point
    		•
    12345
    NetBus (Backdoor)
    TCP
  • Intruder Access Point
    		•
    14238
    HotSync Manager 3.0.4 (Prog)
    TCP
  • Buffer Overflow
    		•
    17300
    kuang2v (Backdoor)
    TCP
  • Intruder Access Point
    		•
    20034
    NetBus 2.0 (Backdoor)
    TCP
  • Intruder Access Point
    		•
    21554
    GirlFriend 1.3x (Backdoor)
    TCP
  • Intruder Access Point
    		•
    23456
    EvilFTP (Backdoor)
    TCP
  • Intruder Access Point
    		•
    26092
    QIB (Backdoor)
    TCP
  • Intruder Access Point
    		•
    30100
    NetSphere 1.30 (Backdoor)
    TCP
  • Intruder Access Point
    		•
    30102
    NetSphere 1.30 (Backdoor)
    TCP
  • Intruder Access Point
    		•
    31337
    Back Orifice (Backdoor)
    UDP
  • Intruder Access Point
    		•
    31457
    Tetrinet (Prog)
    TCP
  • Denial of Service (DoS)
    		•
    31785
    Hack'a'Tack (Backdoor)
    TCP
  • Intruder Access Point
    		•
    31789
    Hack'a'Tack (Backdoor)
    UDP
  • Intruder Access Point
    		•
    31791
    Hack'a'Tack (Backdoor)
    UDP
  • Intruder Access Point
    		•
    46256
    ANTI-prym/h4g1s (Backdoor)
    TCP
  • Intruder Access Point
    		•


    This table is propiety of Roses Labs. Feel free to use it but you can not modify the table without the
    approve of Roses Labs. For comments, add, changes or sugestions, please, write mail to us to the
    following address info@roses-labs.com