| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 1129 |
tcp |
trojans |
Members scan |
Backdoor.Anyserv [Symantec-2004-032516-5704-99] (2004.03.25) - a trojan horse that gives the author unauthorized remote access to an infected computer. Due to bugs in the code of Backdoor.Anyserv, some operations may not complete successfully.
Port is IANA registered for: SAPHostControl over SOAP/HTTPS |
| 1130 |
tcp |
trojan |
Premium scan |
Noknok trojan |
| 1133 |
tcp |
trojan |
Premium scan |
SweetHeart
Data Flow Network (TCP/UDP) (IANA official) |
| 1137 |
tcp |
trojan |
Premium scan |
MTX trojan horse |
| 1140 |
tcp,udp |
autonoc |
not scanned |
Some games use this port: Dune 2000, Tiberian Sun, Westwood Online games
AutoNOC Network Operations protocol (IANA official)
|
| 1145 |
tcp |
trojans |
not scanned |
Backdoor.CHCP [Symantec-2003-020410-1446-99] (2003.02.04) - a backdoor trojan that is written in the Microsoft Visual Basic programming language. The trojan uses the same icon used by the Windows Notepad program in an attempt to deceive you into believing that it is a real Notepad text editor. Allows a hacker to remotely control an infected computer. The trojan opens TCP port 1145 by default.
Port is also IANA registered for X9 iCue Show Control |
| 1149 |
tcp,udp |
trojan |
Premium scan |
Lala [Symantec-2002-122014-1523-99] backdoor - a trojan horse that allows unauthorized access to a compromised computer. The Trojan attempts to steal confidential information (such as cached passwords and cookies), log keystrokes, and allow for remote file execution. Opens TCP/UDP port 4627, 1149, or 1877 to allow remote access.
Port is IANA assigned for: BlueView Sonar Service (bvtsonar) [Teledyne BlueView Inc] |
| 1150 |
tcp |
trojan |
Premium scan |
Orion |
| 1151 |
tcp |
trojan |
Premium scan |
Orion |
| 1153 |
tcp,udp |
c1222-acse |
not scanned |
ANSI C12.22 Port [RFC 6142] (IANA official) |
| 1155 |
tcp |
trojans |
Members scan |
W32.Reatle.E@mm [Symantec-2005-080215-5809-99] (2005.08.02) - a mass-mailing worm that opens a backdoor and also spreads by exploiting the MS DCOM RPC Vulnerability ([MS03-026]) on port 135/tcp. It uses its own SMTP engine to email itself to gathered email addresses. Opens an FTP server on port 1155/tcp. Opens a proxy server on port 2005/tcp. It also attempts to perform denial of service (DDoS) attack agains known security websites on port 1052/tcp. Note: port 1052 corresponds to the dynamic DNS service. |
| 1159 |
tcp,udp |
oracle-oms |
not scanned |
Oracle OMS |
| 1160 |
tcp |
trojan |
Premium scan |
BlackRat |
| 1166 |
tcp |
trojan |
Premium scan |
CrazzyNet |
| 1167 |
tcp |
trojans |
Members scan |
Backdoor.Bandock.A (2007.11.14) - a trojan horse that opens a back door on the compromised computer. The trojan may arrive as a spammed email attachment.
CrazzyNet trojan also uses this port. |
| 1167 |
udp,sctp |
cisco-ipsla |
not scanned |
Cisco IP SLAs Control Protocol
Phone, conference calling (UDP)
The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594.
References: [CVE-2013-1148] |
| 1168 |
tcp |
trojans |
Premium scan |
W32/Colevo@MM - mass mailing worm which harvests MSN Messenger contact addresses with backdoor capability, 6.28.2003. It opens ports 1168-1170 and 2536.
Port is also IANA registered for:
1168/tcp - VChat Conference Service |
| 1169 |
tcp |
trojans |
Premium scan |
W32/Colevo@MM - mass mailing worm which harvests MSN Messenger contact addresses with backdoor capability, 6.28.2003. It opens ports 1168-1170 and 2536.
Tripwire (IANA official) |
| 1170 |
tcp |
trojans |
Premium scan |
W32/Colevo@MM - mass mailing worm which harvests MSN Messenger contact addresses with backdoor capability, 6.28.2003. It opens ports 1168-1170 and 2536.
Psyber Streaming Server (PSS) - remote access trojan, uses ports 1170, 1509, 4000.
Streaming Audio Trojan, Voice (TCP) |
| 1174 |
tcp |
trojan |
Premium scan |
DaCryptic |
| 1176 |
tcp |
indigo-server |
not scanned |
Perceptive Automation Indigo Home automation server (IANA official) |
| 1177 |
tcp |
njrat |
Members scan |
njRAT malware default port. The njRAT (remote access tool) can remotely access and control a victim's machine, operate the webcam, log keystrokes, steal credentials stored in browsers, upload and download files, and update itself. It is widely used in the Middle East, and known to be used for cybercriminal activity. njRAT is known to use over 500 control servers and operates over 24,000 infected computers worldwide. |
| 1180 |
tcp |
trojan |
Premium scan |
Unin68 |
| 1181 |
udp |
games |
not scanned |
Heroes of Might and Magic IV |
| 1182 |
udp |
accelenet-data |
not scanned |
Heroes of Might and Magic IV
IANA registered for: AcceleNet Data |
| 1182 |
tcp |
accelenet |
not scanned |
IANA registered for: AcceleNet Control |
| 1183 |
tcp,udp |
trojans |
Members scan |
Balistix is a backdoor Trojan affecting Microsoft Windows operating systems. The backdoor uses a client/server relationship, where the server component is installed in the victim's system and the remote attacker has control of the client. The server attempts to open a port, typically TCP port 1183, to allow the client system to connect. Balistix could allow a remote attacker to gain unauthorized access to the system.
References: [XFDB-15148]
Trojans that also use this port: Cyn, SweetHeart |
| 1184 |
tcp |
laplink |
not scanned |
IANA registered for: LapLink Surf-up
Also used by: Allen-Bradley/Rockwell automation CIP messaging (PCcontroller) |
| 1194 |
tcp,udp |
openvpn |
not scanned |
OpenVPN (Virtual Private Networking) - it is newer, secure form of VPN that uses open-source technologies and is preferable to PPTP and L2TP. OpenVPN uses the OpenSSL encryption library and SSL v3/TLS v1 protocols. It listens on port 1194/UDP by default. However, it can be configured to run on any port, like 443/TCP that makes it undistinguishable from HTTPS traffic, for example.
Ooma VoIP service sets a VPN to the Ooma servers on port 1194 UDP for call setup/control. It also uses ports 49000-50000 for actual VoIP data. Other ports used: UDP 3480, UDP 514, TCP 443
QNAP NAS uses port 1194 UDP for OpenVPN connections. QNAP also uses the following ports: 873,8081,8899,1723,13131,20001. |
| 1198 |
tcp,udp |
cajo-discovery |
not scanned |
IANA registered for: cajo reference discovery |
| 1200 |
udp |
trojan |
not scanned |
NoBackO trojan
Half Life 2 Steam, Steam Friends Applet, Day of Defeat (TCP/UDP), Counter Strike, Team Fortress 2 also use this port.
IANA registered for: SCOL (TCP/UDP) |
| 1200 |
tcp |
malware |
not scanned |
Trojan-Dropper.Win32.Small.fp / Unauthenticated Open Proxy - the malware listens on random TCP ports like 2904, 1200 etc. Third-party attackers who can connect to the infected system can relay requests from the original connection to the destination and then back to the origination system. Attackers may then be able to launch attacks, download files or port scan third party systems and it will appear as the attacks originated from that infected host.
References: [MVID-2021-0312] |
| 1201 |
udp |
trojan |
not scanned |
NoBackO trojan |
| 1201 |
tcp |
trojans |
not scanned |
Backdoor.actx [Symantec-2002-052316-2753-99] (2002.05.23) - a Backdoor.Trojan which can allow unauthorized access to your computer. |
| 1207 |
tcp,udp |
trojan |
Premium scan |
SoftWAR trojan
Commandos 3: Destination Berlin also uses this port (UDP). |
| 1208 |
tcp |
trojans |
Premium scan |
Infector trojan, 04,1999. Affects Windows 9x (ICQ). Uses ports 146, 1208, 17569, 24000, 30000 |
| 1211 |
tcp,udp |
groove-dpp |
not scanned |
Groove DPP
CoDeSys Gateway Server is vulnerable to a heap-based buffer overflow, caused by the failure to check for a signed value. By sending a specially-crafted packet to TCP port 1211, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
References: [XFDB-82254], [CVE-2012-4706], [BID-58032] |
| 1212 |
tcp |
trojan |
Premium scan |
Kaos trojan
Trojan-PSW.Win32.PdPinch.gen / Remote Denial of Service - the malware listens on TCP port 1212. Third-party attackers who can reach infected systems can send a specially crafted junk HTTP request to trigger an access violation and crash.
References: [MVID-2021-0358] |
| 1214 |
tcp |
Kazaa |
Members scan |
Kazaa - peer-to-peer file sharing, some known vulnerabilities, and at least one worm (Benjamin) targeting it.
FastTrack, Apple iMesh also uses port 1214 (TCP/UDP).
iMesh is vulnerable to a buffer overflow. By connecting to the TCP port 1214 that iMesh listens on and sending a long string of data, a remote attacker can overflow a buffer and execute arbitrary code on the vulnerable system.
References: [BID-1576], [CVE-2000-0706], [OSVDB-1513], [XFDB-4829]
File-sharing application Morpheus contains a security vulnerability that allows remote users to obtain the Morpheus username of other users by establishing a telnet connection to port 1214 of a machine running Morpheus. |
| 1215 |
tcp |
trojan |
Premium scan |
Force
OpenFT also uses port 1215 (TCP/UDP). |
| 1216 |
tcp,udp |
applications |
not scanned |
OpenFT |
| 1217 |
tcp,udp |
hpss-ndapi |
not scanned |
Uvora Online uses this port (TCP)
IANA registered for: HPSS NonDCE Gateway |
| 1218 |
tcp |
trojans |
Premium scan |
Trojans that use this port:
Backdoor.Sazo [Symantec-2002-061716-5029-99] - remote access trojan, 06.2002. Affects Windows
Force/Feardoor - VB6 remote access trojan, 07.2002. Affects Windows.
Port is also IANA registered for: aeroflight-ads |
| 1219 |
tcp |
trojan |
Premium scan |
Force trojan |
| 1220 |
tcp |
qt-serveradmin |
not scanned |
The port is used for administration of QuickTime Streaming Server
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than [CVE-2003-0502].
References: [CVE-2003-0421]
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than [CVE-2003-0421].
References: [CVE-2003-0502] |
| 1221 |
tcp |
trojan |
Premium scan |
F**k Lamers Backdoor
SAM2 Broadcaster also uses port 1221 (TCP/UDP) |
| 1222 |
tcp |
trojans |
Premium scan |
D Network, F**k Lamers Backdoor |
| 1225 |
tcp |
trojan |
Premium scan |
Scarab trojan |
| 1227 |
tcp,udp |
applications |
not scanned |
DNS2Go |
| 1232 |
tcp,udp |
first-defense |
not scanned |
Defense Remote systems monitoring [Nexum] (IANA official) |
| 1234 |
tcp |
trojans |
Premium scan |
Backdoor.Ultor [Symantec-2002-061316-4604-99] (2002.06.13) - remote access trojan. Affects Windows, listens on port 1111 or 1234.
Some other trojans using this port: SubSeven 2.0, Bagle.AF.
Port is also IANA registered for: Infoseek Search Agent |
| 1234 |
udp |
games |
not scanned |
Command and Conquer Renegade
VLC media player default port for UDP/RTP stream.
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
References: [CVE-2010-4227], [BID-46535]
Green Dam could allow a remote attacker to bypass security restrictions, caused by an error when handling UDP packets. By sending a specially-crafted request to UDP port 1234, an attacker could exploit this vulnerability to set the system time.
References: [XFDB-51513], [BID-35557], [OSVDB-55533], [SECUNIA-35664]
Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235.
References: [CVE-2015-3969], [XFDB-108584] |
| 1235 |
udp |
games |
not scanned |
Command and Conquer Renegade
Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235.
References: [CVE-2015-3969], [XFDB-108584] |
| 1236 |
udp |
games |
not scanned |
Command and Conquer Renegade |
| 1236 |
tcp |
bvcontrol |
not scanned |
Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets.
References: [CVE-2017-8861]
IANA registered for: bvcontrol (TCP/UDP) |
| 1237 |
tcp,udp |
tsdos390 |
not scanned |
Port is IANA assigned to tsdos390. Also used by Command and Conquer, Dune2000. |
| 1239 |
tcp |
applications |
not scanned |
The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239.
References: [CVE-2015-3971] |
| 1241 |
tcp,udp |
nessus |
not scanned |
Nessus |
| 1242 |
tcp,udp |
nmasoverip |
not scanned |
ArchiSteamFarm software (TCP)
NMAS over IP (IANA official) |
| 1243 |
tcp |
trojans |
Members scan |
Trojans that use this port: BackDoor-G, SubSeven, Sub7(*), SubSeven Apocalypse, Tiles
Backdoor.Win32.Cabrotor.10.d / Unauthenticated Remote Command Execution - the malware listens on TCP port 1243. Attackers who can reach infected systems can issue commands made up of single characters E.g. sending 'Q' will terminate the backdoor. Executing wrong or unknown commands will result in the following server response "Comando desconocido".
References: [MVID-2022-0612]
SerialGateway (IANA official) |
| 1245 |
tcp |
trojans |
Premium scan |
Trojans that use this port: GabanBus, NetBus, Voodoo Doll |
| 1250 |
tcp |
worms |
not scanned |
W32.Explet.A@mm [Symantec-2004-060219-4511-99] (2004.06.02) - a mass-mailing worm that also spreads through network shares and the Kazaa file-sharing network. The worm exploits the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin [MS04-011]) and the DCOM RPC vulnerability (described in Microsoft Security Bulletin [MS03-026]) through TCP ports 135 and 445. It may also lower security settings and download remote files.
Email-Worm.Win32.Plexus.b / Unauthenticated Remote Code Execution - the malware listens on TCP ports 1250 (file write port) and 47435 (random FTP port). Third-party attackers who can reach infected systems can use a socket program to write binary data to the remote host. The malware then writes that data to a file named "_up.exe" under
"\Users\Victim\AppData\Local\Temp" that executes immediately.
References: [MVID-2021-0400]
swldy-sias (IANA official). |
| 1255 |
tcp |
trojan |
Premium scan |
Scarab trojan |
| 1256 |
tcp |
trojans |
Premium scan |
Trojans: Project nEXT, RexxRave |
| 1257 |
tcp |
trojan |
Premium scan |
Sub Seven v2.1 |
| 1269 |
tcp |
trojans |
Premium scan |
Maverick's Matrix remote access trojan (different variants from May 1999 to January 2004). Trojan provides an attacker with the capability of remotely controlling a machine by running a server in the victim's machine. |
| 1270 |
tcp,udp |
opsmgr |
not scanned |
IANA registered for: Microsoft Operations Manager |
| 1272 |
tcp |
trojan |
Premium scan |
The Matrix trojan |
| 1275 |
tcp,udp |
applications |
not scanned |
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.
References: [BID-4221], [CVE-2002-0415], [XFDB-8336]
Port is also IANA registered for ivcollector. |
| 1280 |
tcp,udp |
games |
not scanned |
Dark Ages of Camelot game uses TCP ports 1280,10500,10622 TCP and a dynamic UDP port (1024-65535 range) |
| 1291 |
udp |
games |
not scanned |
Heroes of Might and Magic IV |
| 1292 |
tcp,udp |
dsdn |
not scanned |
Backdoor.Win32.WinShell.50 / Weak Hardcoded Password - the malware listens on TCP port 1292. Authentication is required for remote user access. However, the password "EliteKTHX" is weak and hardcoded within the executable. The PE file is protected by ExeStealth 275.a protector, after dumping the process the password is easily revealed.
References: [MVID-2021-0415]
dsdn (IANA official) |
| 1293 |
tcp,udp |
pkt-krb-ipsec |
not scanned |
IANA registered for: PKT-KRB-IPSec |
| 1300 |
tcp,udp |
h323 |
not scanned |
H.323 Secure Call Control Signalling (IANA official) |
| 1301 |
tcp |
applications |
not scanned |
IANA reserved, previously registered for: Palmer Performance OBDNet |
| 1309 |
tcp |
jtag-server |
Premium scan |
Backdoor.Jittar [Symantec-2003-100316-2418-99] (2003.10.03) - a backdoor trojan horse that gives its creator remote access to and complete control over a compromised system. By default it uses ports 1309 and 2699 to listen for commands from the trojan's creator. The existence of the file dm_mgr.exe or linxup.exe is an indication of a possible infection.
Port is also IANA registered for: Altera Quartus jtagd |
| 1310 |
tcp |
worm |
not scanned |
W32.Pandem.B.Worm [Symantec-2009-091516-2255-99] (2009.09.15) - a worm that spreads through file-sharing networks. It may also open a back door and download more malware on to the compromised computer.
Port is also IANA registered for Husky. |
| 1311 |
tcp,udp |
rxmon |
not scanned |
Dell OpenManage HTTPS
IANA registered for: RxMon |
| 1313 |
tcp,udp |
bmc-patroldb |
Premium scan |
NETrojan uses port 1313 (TCP).
Backdoor.Win32.Pahador.aj / Authentication Bypass RCE - the malware listens on TCP ports 1313 and 21. Third-party attackers who can reach infected systems can logon using any username/password combination. Intruders may then upload executables using ftp PASV, STOR commands, this can result in remote code execution.
References: [MVID-2021-0393]
BMC_PATROLDB (IANA official) |
| 1314 |
tcp |
trojan |
Premium scan |
Daodan
The default configuration of Centre for Speech Technology Research (CSTR) Festival on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314.
References: [CVE-2007-4074], [BID-25069]
Festival Speech Synthesis System also uses this port.
IANA registered for: Photoscript Distributed Printing System. |
| 1315 |
tcp |
applications |
not scanned |
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
References: [CVE-2010-4057]
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
References: [CVE-2010-4056] [SECUNIA-41873]
Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.
References: [CVE-2010-4055] [SECUNIA-41873]
Port also IANA registered for E.L.S., Event Listener Service. |
| 1319 |
tcp,udp |
amx-icsp |
not scanned |
IANA registered for: AMX-ICSP |
| 1321 |
tcp,udp |
pip |
not scanned |
Backdoor.Win32.Jtram.a / Insecure Credential Storage - the malware listens on TCP port 1321 as an FTP server. The credentials are stored in cleartext in a file named "rconnect.conf.
References: [MVID-2022-0442]
Backdoor.Win32.Jtram.a / Port Bounce Scan - the malware listens on TCP port 1321. Third-party intruders who successfully logon can abuse the backdoor FTP server as a man-in-the-middle machine allowing PORT Command bounce scan attacks using Nmap. This vulnerability allows remote attackers to abuse your system and discreetly conduct network port scanning. Victims will then think these scans are originating from the infected system running the afflicted malware FTP Server and not you.
References: [MVID-2022-0443]
PIP (IANA official) |
| 1328 |
tcp |
applications |
Members scan |
Backdoor.Darkmoon.F [Symantec-2007-103007-2330-99] (2007.10.29) - a trojan horse that opens a back door on TCP port 1328 on the compromised computer.
EchoServer also uses this port.
Port is IANA registered for EWALL |
| 1332 |
tcp |
malware |
not scanned |
Backdoor.Win32.Beastdoor.oq / Unauthenticated Remote Command Execution - the malware listens on TCP port 1332, makes outbound connections to SMTP port 25 and executes a PE file named svchost.exe dropped in Windows directory. Third party adversaries who can reach an infected host can issue various numeric commands made available by the backdoor.
References: [MVID-2024-0674] |
| 1337 |
tcp |
trojan |
Premium scan |
Razer Chroma SDK Server
Shadyshell
WireGuard VPN
WASTE Encrypted File Sharing Program also uses this port.
neo4j-shell
Strapi
Sails.js
1337 means "elite" in hacker/cracker spelling (1=L, 3=E, 7=T, "LEET"="ELITE"). Because of the reference, it may be used by some backdoors.
VX Search is vulnerable to a buffer overflow, caused by improper bounds checking by 'Proxy Host Name' field. By generating a bind shell on port 1337, a local attacker could overflow a buffer and execute arbitrary code on the system.
References: [XFDB-135140]
Enigma NMS 65.0.0 - Cross-Site Request Forgery
References: [EDB-47363]
Backdoor.Win32.Small.n / Unauthenticated Remote Command Execution (SYSTEM) - the backdoor malware listens on TCP Port 1337, upon successful connection we get handed a remote shell from the infected host with SYSTEM integrity.
References: [MVID-2021-0167]
Backdoor.Win32.WinShell.a / Unauthenticated Remote Command Execution - WinShell listens on TCP port 1337, third-party attackers who can reach the system can execute OS commands further compromising the already infected system.
References: [MVID-2021-0233]
menandmice DNS (IANA official) |
| 1338 |
tcp |
|
Premium scan |
Millenium Worm, affects Unix/Linux. |
| 1344 |
tcp |
icap |
not scanned |
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port 1344.
References: [CVE-2008-0309], [BID-27913]
Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
References: [CVE-2008-0308] [BID-27911] [SECUNIA-29140]
ICAP (IANA official) |
| 1346 |
udp |
applications |
not scanned |
Multiple vulnerabilities in Symantec Ghost Solution Suite allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
References: [CVE-2007-3132], [BID-24323]
Port is also IANA registered for Alta Analytics License Manager. |
| 1347 |
udp |
applications |
not scanned |
Multiple vulnerabilities in Symantec Ghost Solution Suite allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
References: [CVE-2007-3132], [BID-24323]
Port is also IANA registered for Multi media conferencing. |
| 1349 |
udp |
trojan |
not scanned |
BO DLL trojan |
| 1351 |
tcp |
applications |
not scanned |
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message.
Reverences: [CVE-2006-5265] [CVE-2006-5266] [BID-29991]
Digital Tool Works (MIT) (IANA official) |
| 1352 |
tcp,udp |
applications |
not scanned |
Lotus Notes
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message.
Reverences: [CVE-2006-5265] [CVE-2006-5266] [BID-29991] |
| 1369 |
tcp |
trojan |
Premium scan |
SubSeven 2.2 |
| 1380 |
tcp |
applications |
not scanned |
Warhammer Online - Age of Reckoning
IANA registered for: Telesis Network License Manager |
| 1386 |
tcp |
trojan |
Premium scan |
Dagger |
| 1387 |
tcp,udp |
cadsi-lm |
not scanned |
IANA registered for: Computer Aided Design Software Inc LM |
| 1394 |
tcp |
trojans |
Premium scan |
Backdoor G-1, GroFriller |
| 1407 |
tcp |
tibet-server |
not scanned |
TIBET Data Server (IANA official) |
| 1409 |
tcp |
trojans |
Premium scan |
Backdoor.IRC.Bifrut [Symantec-2004-110817-2626-99] (2004.11.08) - remote access trojan, can affect all current Windows versions. Opens a backdoor on port 1409/tcp bound to the command shell.
Backdoor.Brakkeshell [Symantec-2005-092114-3621-99] (2005.09.20) - a trojan horse that opens a back door on the compromised computer and waits for commands.
Port is IANA registered for: Here License Manager |
