Port 623 Details
known port assignments and vulnerabilities
| Port(s) | Protocol | Service | Details | Source |
|---|---|---|---|---|
| 623 | tcp | dmtf | IPMI and BMC Remote Management Control Protocol (RMCP) systems typically use port 623/udp, but some servers also listen on port 623/tcp. RTB 666 trojan. Citrix NetScaler appliance Lights out Management uses ports 4001, 5900, 623 TCP to run a daemon that offers unified configuration management of routing protocols. Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (a.k.a. ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. References: [CVE-2008-1491], [BID-28394]. Port is also IANA registered for DMTF out-of-band web services management protocol. | SG |
| 623 | udp | ipmi | IPMI and BMC Remote Management Control Protocol (RMCP) systems use this port. HP, Dell, and SuperMicro IPMI 1.5 and 2.0 protocols and the Intel Xserves Lights-Out-Monitoring (LOM) feature all use this port. IPMI-based systems have a number of possible attack vectors, such as cleartext passwords and even anonymous access via the ipmitool command to reset the password of any other user without authentication. IPMI 2.0 systems share the (SHA1 or MD5) password hash with unauthenticated clients, allowing for offline cracking. IPMI systems also store user passwords in cleartext, so a single compromised user can be used to trivially obtain even the strongest passwords for other accounts. SuperMicro BMCs are vulnerable to an additional overflow exploit in their UPnP SSDP service (UDP 1900) that will grant root access to the BMC. See: [CVE-2013-4786], [CVE-2013-4038], [CVE-2013-4037], [CVE-2013-4031]. Cisco Unified Computing System is vulnerable to a buffer overflow, caused by improper bounds checking by the Intelligent Platform Management Interface (IPMI) implementation. By sending a specially-crafted request to UDP port 623, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. References: [CVE-2013-1183], [XFDB-83771], [BID-59453] | SG |
| 623 | udp | | ASF Remote Management and Control Protocol (ASF-RMCP) (official) | Wikipedia |
| 623 | tcp | trojan | RTB 666 | Trojans |
| 623 | tcp,udp | aux_bus_shunt | Aux Bus Shunt | SANS |
| 623 | udp | asf-rmcp | ASF Remote Management and Control | Nmap |
| 623 | tcp,udp | asf-rmcp | ASF Remote Management and Control Protocol | Neophasis |
| 623 | tcp | oob-ws-http | DMTF out-of-band web services management protocol, registered 2007-06 | IANA |
| 623 | udp | asf-rmcp | ASF Remote Management and Control Protocol | IANA |

9 records found
Related ports: 680 4001 5900 1900