Vulnerable Ports
This list (a very small part of our SG Ports database) includes TCP/UDP ports currently tested by our Security Scanner, and corresponding potential security threats.
We update the list on a regular basis, however if you feel we should add other port(s) to the list or modify their descriptions, please .
Any feedback and suggestions can also be posted to our Network Security forum.
| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 65506 |
tcp |
trojans |
Premium scan |
Port 65506 is used by some trojans for a spam email relay.
PhatBot (a.k.a. Agobot, Gaobot) - most variants exploit the MS DCOM RPC vilnerability (MS Security Billetin [MS03-026]) and the RPC locator vulnerability (MS Security Bulletin [MS03-001]) to spread. Some variants scan port 65506 for a possible backdoor. |
| 65511 |
tcp |
applications |
not scanned |
A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.
References: [CVE-2011-3975] [BID-49916] |
| 65520 |
tcp |
virus |
not scanned |
W32.Virut.B [Symantec-2007-030116-3455-99] (2007.03.01) - a virus that infects executable files and opens a back door on the compromised computer |
| 65530 |
tcp |
trojan |
Members scan |
Backdoor.Mite [Symantec-2002-090309-2255-99] - remote access trojan with password-stealing capabilities, affects Windows. Opens a backdoor on port 61000/tcp. BD Windows Mite 1.0 variant listens on port 65530/tcp. |
| 65532 |
udp |
trojans |
Premium scan |
The Traitor (th3tr41t0r) trojan uses ports 65432/tcp and 65532/udp |
| 65534 |
tcp |
trojans |
Premium scan |
[trojan] /sbin/initd - reported on Linux hosts as a hacked backdoor along with tcp port 1049
Port also used by NetMeeting with H323 |
| 65535 |
tcp |
trojans |
Premium scan |
Trojans using this port: Adore, Sins, ShitHeep, RC trojan
Apple Xsan Filesystem Access uses the dynamic/private range 49152-65535 (TCP/UDP) as well. |
| 65535 |
udp |
games |
not scanned |
Lord of the Rings: Battle for Middle Earth 2, Dark Ages of Camelot, Final Fantasy XI (TCP/UDP)
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
References: [CVE-2007-1674], [BID-23483] |
Vulnerabilities listed: 8 (some use multiple ports)
| 
Shortcuts