Vulnerability Development mailing list archives
Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME)
From: Bluefish <11a () GMX NET>
Date: Wed, 9 Aug 2000 02:46:56 +0200
With beta 5, a telnet connection would offer a prompt: "[RPL2]:"; with beta 6, no prompt. The open port remains after an uninstall.
Even after computer reboot?!?
Sounds uggly. To me it sounds very much like a backdoor, but I suppose it
could also be a broken uninstall program, failures to properly remove
applications in the windows environment is common, and usually the
uninstall softwares doesn't say antything.
Anyone had any luck in determin what application/dll is causing this? I
suppose checking for "run" entries in the registry, or looking for new
active processes, could track down the offender. (does anyone know a more
scientific method to track which process has opened a port under windows?)
IMHO, this may very well be a serious vulnerability. If it isn't a
backdoor, and a vulnerability is found in the code, numerous affected
users may not upgrade because they believe they have uninstalled the
vulnerable application!
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
Current thread:
- tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Francois . Perreault (Aug 08)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) LordRaYden (Aug 09)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Bluefish (Aug 09)
- Compaq Insight Manager /Proxy/LoginResponse DoS DK (Aug 09)
- Message not available
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) GraffiX (Aug 10)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) Pedram Amini (Aug 10)
- Re: tcp port 20445 is open after napster 2.0 beta install (win98 and winME) GraffiX (Aug 10)