Loading...
[get complete service list]
Top of page
Top of page
Port Information
Protocol Service Name
tcp cert-initiator cert-initiator
udp cert-initiator cert-initiator
Top IPs Scanning
Today Yesterday
194.180.48.153 (5)194.180.48.153 (29)
167.94.146.46 (2)194.180.48.180 (11)
80.94.92.148 (2)79.124.62.126 (10)
160.19.78.247 (1)199.19.95.81 (10)
89.248.163.61 (1)80.94.92.148 (8)
194.180.48.180 (1)45.142.193.106 (5)
45.125.236.108 (1)89.248.163.61 (3)
160.19.79.72 (1)152.32.140.206 (2)
45.142.193.106 (1)162.142.125.141 (2)
User Comments
Submitted By Date
Comment
Brian Porter 2004-11-11 09:35:27
New mydoom variants discovered on 11/8/2004 exploit the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability and provide a link to an exploit page on port 1639 of the infected host (http://infectedhost:1639). Vulnerability Reference http://secunia.com/advisories/12959/
2004-11-10 22:04:10
1639/TCP is being used as a listener by MyDoom.AG and MyDoom.AH; at the least, the trojan runs a minimal HTTP server to exploit an IFrame vulnerability in Internet Explorer.
Chris Parker 2004-11-09 17:43:49
Possible new virus. Infected machines send out an email to addresses in the (outlook) address book with a link to the IP address of the machine on port 1639. Machines isolated but are unable to phyically access to investigate further at this time. Clicking on the link infects the machine that clicks. Sample email body: Hi! I am looking for new friends.

My name is Jane, I am from Miami, FL.

See my homepage with my weblog and last webcam photos!

See you!




Top of page
CVE Links
CVE # Description
Top of page