| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 40116 |
tcp,udp |
applications |
not scanned |
GMPlayer - application uses port 40116 for downloading/upstreaming music, audio and/or video files from the Internet. |
| 40123 |
udp |
applications |
not scanned |
Flatcast |
| 40193 |
tcp,udp |
applications |
not scanned |
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
References: [CVE-2000-0669], [BID-1467] |
| 40308 |
tcp |
trojan |
Premium scan |
SubSARI trojan [Symantec-2003-030315-2821-99] |
| 40404 |
tcp |
trojans |
Members scan |
W32.Randex.DFJ [Symantec-2005-040512-3029-99] (2005.04.06) - network-aware worm that spreads via network shares exploiting weak passwords. Opens a backdoor on port 40404/tcp and connects to IRC server on the tunit.p2p.com.hk doman. It can be remotely controlled via IRC. |
| 40412 |
tcp |
trojan |
Premium scan |
The Spy trojan horse |
| 40421-40426 |
tcp |
trojans |
Premium scan |
Master's Paradise - remote access trojan, 03.1998. Affects Windows, uses ports 31, 3129, 40421-40426.
Port 40421/tcp also used by Agent 40421 trojan. Check port 30/tcp as well. |
| 40443 |
tcp,udp |
applications |
not scanned |
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443.
References: [CVE-2015-7820]
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.
References: [CVE-2015-7817] |
| 40444 |
udp |
games |
not scanned |
Nemesis Of The Roman Empire |
| 40445 |
tcp |
games |
not scanned |
Nemesis Of The Roman Empire |
| 40447 |
tcp,udp |
games |
not scanned |
Nemesis Of The Roman Empire |
| 40615 |
udp |
applications |
not scanned |
Monopoly Tycoon, developer: Deep Red |
| 40649 |
udp |
games |
not scanned |
Virtual Tennis, developer: Strangelite |
| 40815 |
tcp |
rapid7 |
not scanned |
Rapid7 Security uses these ports:
80/443/tcp - outbound traffic to rapid7.com for encrypted diagnostic information and updates
3780/tcp - HTTPS web interface access to the security console
40815/tcp - Rapid7 scan engine outbound communication with console |
| 40816 |
udp |
nitroshare |
not scanned |
NitroShare (cross-platform network file sharing application) uses port 40818/tcp for transfers and port 40816/udp for broadcasts. |
| 40818 |
tcp |
nitroshare |
not scanned |
NitroShare (cross-platform network file sharing application) uses port 40818/tcp for transfers and port 40816/udp for broadcasts. |
| 40843 |
tcp,udp |
csccfirewall |
not scanned |
CSCCFIREWALL |
| 40853 |
udp |
ortec-disc |
not scanned |
IANA registered for: ORTEC Service Discovery |
| 40999 |
tcp |
trojan |
Premium scan |
DiemsMutter trojan
The DB service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password.
References: [CVE-2015-7819] |
| 41001 |
tcp |
trojans |
Premium scan |
Backdoor.Pharvest [Symantec-2007-112311-2312-99] (2007.11.23) - a trojan that steals sensitive information from the compromised computer, opens port 41001/tcp. |
| 41005 |
|
games |
not scanned |
Far Cry |
| 41006 |
udp |
games |
not scanned |
Far Cry |
| 41013 |
tcp |
applications |
not scanned |
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than [CVE-2012-2607].
References: [CVE-2012-4026] |
| 41014 |
tcp |
|
not scanned |
The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port).
References: [CVE-2012-2607] |
| 41025 |
tcp |
applications |
not scanned |
Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025.
References: [CVE-2008-2158], [BID-29399] |
| 41121 |
tcp |
tentacle |
not scanned |
Tentacle Server |
| 41144 |
tcp |
teamspeak |
not scanned |
Teamspeak 3 default tsdns port.
TS3 uses the following ports:
9987 UDP (default voice port)
10011 TCP (default serverquery port)
30033 TCP (default filetransfer port)
41144 TCP (default tsdns port)
TS3 also connects to: accounting.teamspeak.com:2008 (TCP for license checks) and weblist.teamspeak.com:2010 (UDP). TS3 weblist also uses ports 2011-2110 (UDP out, first available port in range).
|
| 41170 |
tcp,udp |
applications |
not scanned |
Piolet |
| 41222 |
udp |
applications |
not scanned |
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SocketService module, which listens on UDP port 41222 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-21162.
References: [CVE-2023-51571] |
| 41230 |
tcp |
z-wave-s |
not scanned |
Z-Wave Protocol over SSL/TLS (IANA official) |
| 41230 |
udp |
z-wave-s |
not scanned |
Z-Wave Protocol over DTLS (IANA official) |
| 41337 |
tcp |
trojan |
Premium scan |
Storm trojan |
| 41455 |
udp |
games |
not scanned |
MOTO GP 2 |
| 41523 |
tcp |
applications |
not scanned |
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
References: [CVE-2008-1979], [BID-28927]
Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.
References: [CVE-2006-5143] [BID-20365] [SECUNIA-22285] |
| 41524 |
udp |
ArcServe |
not scanned |
Arc Serve (looks for license violations)
Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
References: [CVE-2005-0260] |
| 41626 |
tcp |
trojan |
Premium scan |
Shah trojan |
| 41666 |
tcp,udp |
trojan |
Premium scan |
Remote Boot trojan |
| 41794 |
tcp |
crestron-cip |
not scanned |
IANA registered for: Crestron Control Port |
| 41795 |
tcp,udp |
crestron-ctp |
not scanned |
IANA registered for: Crestron Terminal Port |
| 41796 |
tcp |
crestron-cips |
not scanned |
IANA registered for: Crestron Secure Control Port |
| 41797 |
tcp |
crestron-ctps |
not scanned |
IANA registered for: Crestron Secure Terminal Port |
| 41823 |
tcp,udp |
applications |
not scanned |
Murealm Client |
| 41934 |
tcp |
trojans |
Premium scan |
Backdoor.Ranky.C [Symantec-2003-102714-5526-99] (2003.10.27) - a trojan horse that runs as a proxy server. By default, the trojan opens TCP port 41934. |
| 41952 |
tcp,udp |
applications |
not scanned |
Tversity Media Player - this application uses port 41952 to download video, audio and/or music files from the Internet. You can run TVersity in PCs, as well as in Playstations, Nintendo Wii, and the Xbox 360.
BitTorrent also uses this port. |
| 42042-42051 |
tcp,udp |
voddler |
not scanned |
Voddler uses ports 42042-42051 and 50726. |
| 42100 |
tcp |
games |
not scanned |
Medal of Honor 2010 |
| 42172 |
tcp |
applications |
not scanned |
iTunes Radio streams |
| 42321 |
tcp |
trojans |
Premium scan |
Backdoor.Ranky.E [Symantec-2004-031918-5809-99] - a trojan horse that runs as a proxy server, opens TCP port 42321 by default. |
| 42424 |
tcp |
applications |
not scanned |
ASP.NET Session State, ASP.NET State Service |
| 42500 |
udp |
games |
not scanned |
Heroes of Might and Magic V |
| 42508 |
tcp,udp |
candp |
not scanned |
Computer Associates network discovery protocol |
| 42509 |
tcp,udp |
candrp |
not scanned |
Computer Associates discovery response |
| 42510 |
tcp,udp |
caerpc |
not scanned |
Computer Associates eTrust RPC |
| 42511 |
tcp |
inoculateit |
not scanned |
eTrust AV - default port for Computer Associates' eTrust antivirus, a.k.a InoculateIT. |
| 42557 |
tcp |
applications |
not scanned |
iTunes Radio streams |
| 42590 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42591 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42592 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42593 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42594 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42595 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42893 |
udp |
games |
not scanned |
Virtual Tennis, developer: Strangelite |
| 42999 |
tcp |
curiosity |
not scanned |
API endpoint for search application (IANA official) |
| 43000 |
tcp |
recvr-rc |
not scanned |
Receiver Remote Control [Research_Electronics_International] (IANA official) |
| 43000 |
udp |
recvr-rc-disc |
not scanned |
Receiver Remote Control Discovery [Research_Electronics_International] (IANA official) |
| 43034 |
tcp,udp |
applications |
not scanned |
LarmX.comâ„¢ database update mtr port |
| 43047 |
tcp |
applications |
Premium scan |
TheosMessenger, TheosNet-Admin uses these ports:
2500/tcp, 2501/tcp - listening for client connections
43047/tcp, 43048/tcp - service ports |
| 43048 |
tcp |
applications |
not scanned |
TheosMessenger, TheosNet-Admin uses these ports:
2500/tcp, 2501/tcp - listening for client connections
43047/tcp, 43048/tcp - service ports |
| 43188 |
tcp,udp |
reachout |
not scanned |
REACHOUT |
| 43189 |
tcp,udp |
ndm-agent-port |
not scanned |
NDM-AGENT-PORT |
| 43190 |
tcp,udp |
ip-provision |
not scanned |
IP-PROVISION |
| 43191 |
tcp |
noit-transport |
not scanned |
Reconnoiter Agent Data Transport |
| 43210 |
tcp |
trojan |
Premium scan |
Master's Paradise, Schoolbus 1.6 / 2.0 trojan horse
Octave network daemon
Shaper Automation Server Management [Shaper_Automation] (IANA official) |
| 43210 |
udp |
shaperai-disc |
not scanned |
Bombsquad game uses port 43210 UDP
Shaper Automation Server Management Discovery [Shaper_Automation] (IANA official) |
| 43287 |
tcp |
trojans |
Members scan |
W32.Mytob.KU@mm [Symantec-2005-101522-1102-99] - mass-mailing worm that uses its own SMTP engine, has backdoor capabilities, and lowers security settings on the compromised computer. Opens a backdoor and listens for remote commands on port 43287/tcp.
Also: W32.Mytob.KR@mm [Symantec-2005-101517-4223-99] variant. |
| 43438 |
udp |
hmip-routing |
not scanned |
IANA registered for: HmIP LAN Routing |
| 43439 |
tcp |
eq3-update |
not scanned |
EQ3 firmware update [eQ-3 AG] (IANA official) |
| 43439 |
udp |
eq3-config |
not scanned |
EQ3 discovery and configuration [eQ-3 AG] (IANA official) |
| 43440 |
tcp |
ew-mgmt |
not scanned |
Cisco EnergyWise Management |
| 43440 |
udp |
ew-disc-cmd |
not scanned |
Cisco EnergyWise Discovery and Command Flooding |
| 43441 |
tcp,udp |
ciscocsdb |
not scanned |
Cisco NetMgmt DB Ports [Cisco Systems] (IANA official) |
| 43594 |
tcp,udp |
applications |
not scanned |
Runescape Private Server |
| 43595 |
tcp |
applications |
not scanned |
RuneScape JAGGRAB servers |
| 43654 |
tcp |
viera |
not scanned |
Panasonic Viera cast may use the following ports: 80, 443, 43654, 48705 |
| 43690 |
udp |
applications |
not scanned |
Huawei EchoLife HG520c could allow a remote attacker to obtain sensitive information, caused by an error when processing packets. By sending specially-crafted packets to UDP port 43690, a remote attacker could exploit this vulnerability to obtain firmware version, IP addresses and other sensitive information.
References: [XFDB-57952], [BID-39650], [SECUNIA-39491] |
| 43720 |
udp |
trojan |
not scanned |
KiLo trojan [Symantec-2003-021319-1815-99] |
| 43900 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 uses ports 43900-43910 |
| 43910 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 uses ports 43900-43910 |
| 43958 |
tcp |
applications |
Members scan |
Serv-U FTP Server
Trojans that use this port:
Backdoor.ServU-based (AVP), Backdoor.ServU.B (Central Command), Troj/Vicwor-A, BKDR_ServU_ey |
| 43981 |
udp |
applications |
not scanned |
Netware IP, Vicar networks X10 mgmt |
| 44000 |
udp |
games |
not scanned |
Brothers in Arms: Road To Hill 30, Far Cry, Heroes of Might and Magic V, Rainbox Six 3: Raven Shield |
| 44000 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 |
| 44003 |
tcp,udp |
applications |
not scanned |
MTA SA R1.0 |
| 44014 |
tcp,udp |
trojan |
not scanned |
Iani trojan |
| 44123 |
tcp |
z-wave-s |
not scanned |
Z-Wave Secure Tunnel [Sigma Designs Inc] (IANA official) |
| 44280 |
tcp |
trojans |
Premium scan |
Backdoor.Amitis.B [Symantec-2003-051915-1012-99] (2003.05.19) Windows remote access trojan. Listens on ports 3547, 7823, 12345, 13173, 44280, 44390, 47387, 64429. Other variants of Backdoor.Amitis also use ports 27, 551. |
| 44323 |
udp |
pcp |
not scanned |
IANA registered for: Port Control Protocol |
| 44333 |
tcp,udp |
applications |
not scanned |
Kerio MailServer, Kerio Personal Firewall, and Kerio WinRoute Firewall are vulnerable to a denial of service attack. A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
| 44334 |
tcp,udp |
tiny firewall |
Members scan |
Remote administration port used by Tiny Personal Firewall, and Kerio Personal firewall.
There is a possible exploit in Kerio Personal Firewall using this port: SecuriTeam 5HP0A2AA1Y
Also Kerio personal firewall has hidden "Internal Traffic Rules" that allow for open ports not being displayed in the GUI.
A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
| 44337 |
tcp,udp |
applications |
not scanned |
Kerio MailServer, Kerio Personal Firewall, and Kerio WinRoute Firewall are vulnerable to a denial of service attack. A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
