Posted: Fri Feb 14, 2003 5:05 pm Post subject: Port 37
looks like Apache 1.3.26 running on Linix with more ports open then needs to be.. I see that port 37 is open, which is a "time" port.. I've searched for exploits on it, no go.. I did read that it is a weakness though.. anyone know anything relavent about a port 37 weakness?
The inetd running the TCP time services, daytime (prot13) and time (port 37) will crash if you send excessive SYN packets. Once inetd crashes, all other services running through inetd will no longer work. The scanner attempts to exploit this vulnerability.
Caution! Exercised caution as the inet daemon may go down on a vulnerable host.
OS Vulnerable: Linux
Fix: Turn off the two services in TCP mode. Alternatively, switch to xinetd.
Either way, close this port.
Better yet, get a firewall in front of that webserver.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum