Port(s) | Protocol | Service | Details | Source |
---|
9000 | tcp | trojans | ManageEngine AssetExplorer (IT asset management software) uses port 9000 TCP by default. Buffalo LinkSystem Web access (unofficial), DBGp, SqueezeCenter web server & streaming, Play! Framework web server Games that use this port: Port 9000 is used by the EverQuest World server. Dungeons & Dragons Online uses ports 9000-9010 (TCP/UDP) Lord of the Rings Online uses ports 9000-9010 W32.Randex.CZZ [Symantec-2005-031510-5713-99] (2005.03.15) - network aware worm that attempts to connect to an IRC server on port 9000/tcp for remote instructions. W32.Mytob.GK@mm [Symantec-2005-062814-3052-99] (2005.06.28) - mass-mailing worm that opens a backdoor on port 9000/tcp. Netministrator trojan also uses port 9000. Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. References: [CVE-2001-0585] [BID-2494] Multiple KWORLD products could allow a remote attacker to bypass security restrictions, caused by the failure to validate communications on port 9000. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. References: [XFDB-101454] Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. References: [CVE-2015-8286] Astoria ARV7510 could allow a remote attacker to gain unauthorized access to the system. By connecting to the 9000 port on the vulnerable device, a remote attacker could exploit this vulnerability to view, modify, delete and upload new files to the USB storage device. References: [XFDB-104630] Huawei HG553 could allow a remote attacker to gain unauthorized access to the system. By connecting to the 9000 port on the vulnerable device, a remote attacker could exploit this vulnerability to view, modify, delete and upload new files to the USB storage device. References: [XFDB-104618] Observa Telecom VH4032N could allow a remote attacker to gain unauthorized access to the system. By connecting to the 9000 port on the vulnerable device, a remote attacker could exploit this vulnerability to view, modify, delete and upload new files to the USB storage device. References: [XFDB-104554] Huawei HG556a could allow a remote attacker to gain unauthorized access to the system. By connecting to the 9000 port on the vulnerable device, a remote attacker could exploit this vulnerability to view, modify, delete and upload new files to the USB storage device. References: [XFDB-104624] An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request. References: [CVE-2018-17440], [EDB-45533] WonderCMS is vulnerable to SSRF Vulnerability. In order to exploit the vulnerability, an attacker must have a valid authenticated session on the CMS. The theme/plugin installer does not sanitize the destination of github/gitlab url, so attacker can point the destination to localhost. When the attacker points the request to localhost, this leads to SSRF vulnerability. The highest impact leads to RCE with gopher scheme and FastCGI running on port 9000. References: [EDB-49154] SonarQube Web Server also uses port 9000. | SG | 9000 | udp | games | Asheron's Call Zmodo DK4001, UDPCast | SG | 9000 | tcp | Buffalo LinkSystem Web access (unofficial) | Wikipedia | 9000 | tcp | DBGp (unofficial) | Wikipedia | 9000 | tcp | SqueezeCenter web server & streaming (unofficial) | Wikipedia | 9000 | udp | UDPCast (unofficial) | Wikipedia | 9000 | tcp | trojan | [trojan] Netministrator | Trojans | 9000 | tcp | Netministrator | [trojan] Netministrator | SANS | 5060,9000-9015 | udp | applications | 3CX | Portforward | 9000-9001, 9004-9005, 9012-9013 | udp | applications | Asherons Call | Portforward | 2900-2910,9000-9010 | udp | applications | Dungeons + Dragons Online | Portforward | 9000-9001,9010 | tcp | applications | JetCast | Portforward | 2900-2910,9000-9010 | udp | applications | Lord of the Rings Online | Portforward | 6073,6500,9000 | tcp | applications | Railroad Tycoon III | Portforward | 9000 | udp | applications | SightSpeed | Portforward | 9000 | tcp,udp | applications | Tamago | Portforward | 9000 | tcp | AltaVista HTTP Server - may be an attempt to compromise an AltaVista HTTP (web) server. | Bekkoame | 9000 | tcp | threat | Sendmail Switch SDAP Sendmail's 'Switch' protocol listens on this TCP port. It also listens on port 8890. | Bekkoame | 9000 | tcp | threat | W32.Esbot | Bekkoame | 9000 | tcp | threat | W32.Mytob | Bekkoame | 9000 | tcp | threat | W32.Randex | Bekkoame | 9000 | udp | threat | Asheron's Call This port is used in Microsoft's massively-multiplayer game called 'Asheron's Call'. The game can continue to contact the player even after the player has logged out. | Bekkoame | 9000 | tcp,udp | cslistener | CSlistener | IANA |
|