[unisog] Scans on tcp/41523

M. Shirk shirkdog_list at hotmail.com
Mon Feb 14 22:26:50 GMT 2005


CA BrightStor ARCServer has several vulnerabilities and one of them uses TCP 
port 41523

See 
http://www.metasploit.org/projects/Framework/exploits.html#cabrightstor_disco_servicepc
And also

http://www.k-otik.com/english/

Shirkdog
http://www.shirkdog.us



>From: Keith Schoenefeld <schoenk at utulsa.edu>
>Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
>To: unisog at lists.sans.org
>Subject: [unisog] Scans on tcp/41523
>Date: Mon, 14 Feb 2005 09:39:36 -0600
>
>I'm not sure what's going on yet, but I've started picking up a
>reasonably large number of scans on port tcp/41523 from off campus.  The
>Internet Storm Center at SANS (isc.sans.org) has a cool tool where you
>can look up a port and see if other people are picking up scans on
>specific ports.  On Feb. 12th, there were 144 total scans reported to
>isc on port 41523.  For today, and total of 46,000 scans had been
>reported (a 31,844% increase if my math is correct).  Something is up.
>Anyone know of any new worm that creates a backdoor on tcp/41523?
>
>-- KS
>
>--
>Keith Schoenefeld
>Manager of College Computer Services
>College of Engineering and Natural Sciences
>The University of Tulsa
>
>
>_______________________________________________
>unisog mailing list
>unisog at lists.sans.org
>http://www.dshield.org/mailman/listinfo/unisog

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/




More information about the unisog mailing list