main shortcuts
|
Port 9090 Details
known port assignments and vulnerabilities
threat/application/port search:
| Port(s) |
Protocol |
Service |
Details |
Source |
| 9090 |
tcp |
servers |
Cherokee Web Server Admin Panel, Aphex Remote Packet Sniffer, SqueezeCenter control (CLI), Webwasher, Secure Web, McAfee Web Gateway - Default Proxy Port, Openfire Administration Console
Linux browser-based server administration platform (Cockpit Fedora, Arch Linux, CentOS, RHEL) - listens on port 9090 tcp by default (both HTTP and HTTPS connections).
Symantec Endpoint Protection Manager (SEPM) uses this port for initial HTTP communication between a remote management console and the SEPM to display the login screen.
Prometheus (open-source system monitoring) uses these TCP ports:
9090 (server)
9091 (Pushgateway)
9093 (Alertmanager)
9094 (Alertmanager clustering)
9100-9563 - Prometheus Exporters
See: https://github.com/prometheus/prometheus/wiki/Default-port-allocations
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
References: [CVE-2002-0781]
Multiple HP Intelligent Management Center products could allow a remote attacker to execute arbitrary code on the system, caused by an error in the iNOdeMngChecker.exe component. An attacker could exploit this vulnerability to execute arbitrary code on the system with SYSTEM-level privileges.
References: [XFDB-68348]
SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The `spicedb serve` command contains a flag named `--grpc-preshared-key` which is used to protect the gRPC API from being accessed by unauthorized requests. The values of this flag are to be considered sensitive, secret data. The `/debug/pprof/cmdline` endpoint served by the metrics service (defaulting running on port `9090`) reveals the command-line flags provided for debugging purposes. If a password is set via the `--grpc-preshared-key` then the key is revealed by this endpoint along with any other flags provided to the SpiceDB binary. This issue has been fixed in version 1.19.1. ### Impact All deployments abiding by the recommended best practices for production usage are **NOT affected**: - Authzed's SpiceDB Serverless - Authzed's SpiceDB Dedicated - SpiceDB Operator Users configuring SpiceDB via environment variables are **NOT affected**. Users **MAY be affected** if they expose their metrics port to an untrusted network and are configuring `--grpc-preshared-key` via command-line flag. ### Patches TODO ### Workarounds To workaround this issue you can do one of the following: - Configure the preshared key via an environment variable (e.g. `SPICEDB_GRPC_PRESHARED_KEY=yoursecret spicedb serve`) - Reconfigure the `--metrics-addr` flag to bind to a trusted network (e.g. `--metrics-addr=localhost:9090`) - Disable the metrics service via the flag (e.g. `--metrics-enabled=false`) - Adopt one of the recommended deployment models: [Authzed's managed services](https://authzed.com/pricing) or the [SpiceDB Operator](https://github.com/authzed/spicedb-operator) ### References - [GitHub Security Advisory issued for SpiceDB](https://github.com/authzed/spicedb/security/advisories/GHSA-cjr9-mr35-7xh6) - [Go issue #22085](https://github.com/golang/go/issues/22085) for documenting the risks of exposing pprof to the internet - [Go issue #42834](https://github.com/golang/go/issues/42834) discusses preventing pprof registration to the default serve mux - [semgrep rule go.lang.security.audit.net.pprof.pprof-debug-exposure](https://semgrep.dev/r?q=go.lang.security.audit.net.pprof) checks for a variation of this issue ### Credit We'd like to thank Amit Laish, a security researcher at GE Vernova for responsibly disclosing this vulnerability.
References: [CVE-2023-29193]
WebSM (IANA official) |
SG
|
| 9090 |
udp |
applications |
MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.
References: [CVE-2006-0360], [BID-16285], [SECUNIA-18512]
ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090.
References: [CVE-2006-0302] [BID-16285] [SECUNIA-18511] [OSVDB-22516] |
SG
|
| 9090 |
tcp |
|
Openfire Administration Console (unofficial) |
Wikipedia
|
| 9090 |
tcp |
|
SqueezeCenter control (CLI) (unofficial) |
Wikipedia
|
| 9090 |
tcp |
trojan |
Aphex's Remote Packet Sniffer |
Trojans
|
| 9090 |
tcp |
zeus-admin |
Zeus admin server |
SANS
|
| 9090 |
tcp |
zeus-admin |
Zeus admin server |
Nmap
|
| 9090 |
tcp,udp |
websm |
WebSM |
IANA
|
|
8 records found
|
jump to:
|
Related ports: 2638 2812 2967 8014 8080 9091
« back to SG Ports
External Resources
SANS Internet Storm Center: port 9090
Notes:
Port numbers in computer networking represent communication endpoints. Ports are unsigned 16-bit integers (0-65535) that identify
a specific process, or network service. IANA is responsible for internet protocol resources, including the registration of commonly
used port numbers for well-known internet services.
Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.
TCP ports use the Transmission Control Protocol, the most commonly used protocol
on the Internet and any TCP/IP network. TCP enables two hosts
to establish a connection and exchange streams of data. TCP guarantees delivery of data
and that packets will be delivered in the same order in which they were sent.
Guaranteed communication/delivery is the key difference between TCP and UDP.
UDP ports use the Datagram Protocol. Like TCP, UDP is used in combination with IP (the Internet Protocol)
and facilitates the transmission of datagrams from one computer to applications on another computer,
but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it's up to the application that received
the message to process any errors and verify correct delivery. UDP is often used with time-sensitive
applications, such as audio/video streaming and realtime gaming, where dropping some packets is preferable to waiting for delayed data.
When troubleshooting unknown open ports, it is useful to find exactly what services/processes are listening to them.
This can be accomplished in both Windows command prompt and Linux variants using the "netstat -aon" command.
We also recommend runnig multiple anti-virus/anti-malware scans to rule out the possibility of active malicious software.
For more detailed and personalized help please use our forums.
|
Please use the "Add Comment" button below to provide additional information or comments about port 9090.
|
|
|
|
|
