lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: r_i_c_h_lists at btopenworld.com (Richard Maudsley) Subject: Outlook 2003 listening on udp/3088 udp packets can be fired at all ports in that range www.mindblock.org insecure <insecure@...ritech.net> wrote: > >Ondrej Krajicek wrote: > >>Hello, >> >>I've just noticed (no, not by using tools which ship with Windows XP[1], thank you Bill), that >>Outlook 2003 binds to UDP port 3088 on all interfaces and listens. Quick Googling for it >>found no useful explanation. >> >>Does anyone know what is this good for? Another open port on my (and thousands of others) Windows box >>really does not help anything, at least when it comes to security. Anyway, I am using >>desktop firewall for access control, but knowing what this is and how can it be disabled ;-) >>will make my sleep a bit better. >> >>Regards, >> >>Ondra >> >>PS: [1] ...netstat wouldn't do, it does not display pid (or something). >> >>+>>>-----------------------------------------------------------------+ >>|Ondrej Krajicek (-KO| >>|Institute of Computer Science, Masaryk University Brno, CR | >>|http://isildur.ics.muni.cz/~ondra krajicek@....muni.cz| >>+--------------------------------------------------------------------+ >> >> >This is probably the new mail notification service used by Exchange. See >http://support.microsoft.com/default.aspx?scid=kb;EN-US;264035 > >"New mail notification messages are sent by means of UDP packets from >the server to the client. The ports used for this notification are set >by the client when the client logs on to the information store. As part >of the log on process to the information store, the client tells the >server the IP address and port where it expects to receive new mail >notification messages. This will be a UDP port in the 1024-65535 range." > >Here are instructions for how to turn it off for LookOut 2002. >http://support.microsoft.com/default.aspx?scid=kb;EN-US;305572 >2003 is probably similar. > >Even if there was some vulnerability that could be exploited through >this service, it would be hard to do, as the port number is not predictable. > >jerry > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists