main shortcuts
|
Port 10000 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
10000 |
tcp |
multiple |
Applications that use this port:
Webmin - web-based system administration tool, BackupExec, Ericsson Account Manager (avim).
The Matrix Online, Everquest Online Adventures, BitTornado, Viatalk, Dungeon Fighter Online (TCP/UDP), FIFA Manager 10 (TCP/UDP)
QuickTime Streaming Server 4 also uses ports 10000-20000 (TCP).
Dumaru.Y [Symantec-2004-012316-2557-99] (2004.01.23) - multi-threaded, mass mailing worm that opens a backdoor, runs a keylogger and attempts to steal personal information. Opens ports 2283/tcp and 10000/tcp.
Other trojans that use this port: Oracle, TCP Door, XHX, OpwinTRojan
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session.
References: [CVE-2011-2077]
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP port 10000.
References: [CVE-2010-0072]
The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000.
References: [CVE-2014-8515], [XFDB-99764]
By using port 10000 TCP in VERITAS Backup Exec Remote Agent, a remote attacker may be able to gain access to, and retrieve arbitrary files from a target system.
References: [CVE-2005-2611], [BID-14551]
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.
References: [CVE-2017-2689], [BID-97170]
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link.
References: [CVE-2017-2687], [BID-97170]
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.
References: [CVE-2017-2686], [BID-97170]
An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data.
References: [CVE-2017-2876], [CVE-2017-2875]
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the modem password (which is 1234), or reconfiguring "party mode" or "vacation mode."
References: [CVE-2019-9484]
Backdoor.Win32.Dumador.C / Remote Stack Buffer Overflow (SEH) - the malware runs an FTP server on TCP port 10000. Third-party adversaries who can reach the server can send a specially crafted payload triggering a stack buffer overflow overwriting the Structured Exception Handler (SEH).
Network Data Management Protocol (TCP/UDP) (IANA official) |
SG
|
10000 |
tcp,udp |
|
Webmin - Web-based Linux admin tool (unofficial) |
Wikipedia
|
10000 |
tcp,udp |
|
BackupExec (unofficial) |
Wikipedia
|
10000 |
tcp,udp |
|
Ericsson Account Manager (avim) (unofficial) |
Wikipedia
|
10000 |
tcp |
trojan |
Oracle, TCP Door, XHX |
Trojans
|
10000 |
udp |
trojan |
XHX |
Trojans
|
10000 |
tcp |
BackupExec |
Veritas Backup Exec |
SANS
|
10000-10010 |
tcp |
applications |
BitTornado |
Portforward
|
10000,11000 |
udp |
applications |
Everquest Online Adventures |
Portforward
|
5190,10000,11000 |
tcp |
applications |
Everquest Online Adventures |
Portforward
|
10000 |
udp |
applications |
The Matrix Online |
Portforward
|
80,5190,10000,11000 |
tcp |
applications |
The Matrix Online |
Portforward
|
69,5060-5061,10000-20000 |
udp |
applications |
Viatalk |
Portforward
|
10000 |
tcp |
snet-sensor-mgmt |
SecureNet Pro Sensor https management server or apple airport admin |
Nmap
|
10000 |
tcp |
webmin |
Webmin (http://www.webmin.com) |
Neophasis
|
10000 |
tcp |
securenetpro-mgmt |
SecureNet Pro IDS Management |
Neophasis
|
10000 |
tcp |
OpwinTRojan |
[trojan] OpwinTRojan |
Neophasis
|
10000 |
tcp |
threat |
Nibu |
Bekkoame
|
10000 |
tcp |
threat |
OpwinTRojan |
Bekkoame
|
10000 |
tcp |
threat |
W32.Dumaru |
Bekkoame
|
10000 |
udp |
threat |
Cisco Systems |
Bekkoame
|
10000 |
tcp,udp |
ndmp |
Network Data Management Protocol |
IANA
|
|
22 records found
|
jump to:
|
Related ports: 69 2283 5060 5190 10001 11000
« back to SG Ports
External Resources
SANS ISC: port 10000
Notes:
Port numbers in computer networking represent communication endpoints. Ports are unsigned 16-bit integers (0-65535) that identify
a specific process, or network service. IANA is responsible for internet protocol resources, including the registration of commonly
used port numbers for well-known internet services.
Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.
TCP ports use the Transmission Control Protocol, the most commonly used protocol
on the Internet and any TCP/IP network. TCP enables two hosts
to establish a connection and exchange streams of data. TCP guarantees delivery of data
and that packets will be delivered in the same order in which they were sent.
Guaranteed communication/delivery is the key difference between TCP and UDP.
UDP ports use the Datagram Protocol. Like TCP, UDP is used in combination with IP (the Internet Protocol)
and facilitates the transmission of datagrams from one computer to applications on another computer,
but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it's up to the application that received
the message to process any errors and verify correct delivery. UDP is often used with time-sensitive
applications, such as audio/video streaming and realtime gaming, where dropping some packets is preferable to waiting for delayed data.
When troubleshooting unknown open ports, it is useful to find exactly what services/processes are listening to them.
This can be accomplished in both Windows command prompt and Linux variants using the "netstat -aon" command.
We also recommend runnig multiple anti-virus/anti-malware scans to rule out the possibility of active malicious software.
For more detailed and personalized help please use our forums.
Please use the "Add Comment" button below to provide additional information or comments about port 10000.
|
|
|
|