Vulnerability Development mailing list archives
Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME)
From: Bluefish <11a () GMX NET>
Date: Wed, 9 Aug 2000 02:46:56 +0200
With beta 5, a telnet connection would offer a prompt: "[RPL2]:"; with beta 6, no prompt. The open port remains after an uninstall.
Even after computer reboot?!? Sounds uggly. To me it sounds very much like a backdoor, but I suppose it could also be a broken uninstall program, failures to properly remove applications in the windows environment is common, and usually the uninstall softwares doesn't say antything. Anyone had any luck in determin what application/dll is causing this? I suppose checking for "run" entries in the registry, or looking for new active processes, could track down the offender. (does anyone know a more scientific method to track which process has opened a port under windows?) IMHO, this may very well be a serious vulnerability. If it isn't a backdoor, and a vulnerability is found in the code, numerous affected users may not upgrade because they believe they have uninstalled the vulnerable application! ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Francois . Perreault (Aug 08)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) LordRaYden (Aug 09)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Bluefish (Aug 09)
- Compaq Insight Manager /Proxy/LoginResponse DoS DK (Aug 09)
- Message not available
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) GraffiX (Aug 10)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Pedram Amini (Aug 10)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) GraffiX (Aug 10)