Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC Port Details:


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Graph

[show ascii data]
Graph Criteria
  • Start Date:
  • End Date:
  • Port:
  • Left Y Axis:
  • Right Y Axis:

Port Information

Protocol Service Name
tcp ssdp SSDP
udp ssdp SSDP
[get complete service list]

User Comment

Submitted By Date
Comment
2013-01-31 13:51:48
Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp Vulnerability Note VU#922681 http://www.kb.cert.org/vuls/id/922681
Thiago P. Macedo 2006-12-31 08:09:33
SSDP Discovery Service SSDP Discovery Service implements Simple Service Discovery Protocol (SSDP) as a Windows service. SSDP Discovery Service manages receipt of device presence announcements, updates its cache, and passes these notifications along to clients with outstanding search requests. SSDP Discovery Service also accepts registration of event callbacks from clients, turns these into subscription requests, and monitors for event notifications. It then passes these requests along to the registered callbacks. This system service also provides hosted devices with periodic announcements. Currently, the SSDP event notification service uses TCP port 5000. Starting with the next Windows XP service pack, it will rely on TCP port 2869. Note At the time of this writing, the current Windows XP service pack level is Windows XP Service Pack 1 (SP1). System service name: SSDPRSR Application protocol Protocol Ports SSDP UDP 1900 SSDP event notification TCP 2869 SSDP legacy event notification TCP 5000 (See http://support.microsoft.com/Default.aspx?kbid=832017 for more details).
Johannes Ullrich 2003-02-25 19:02:42
This port is used by 'Universal Plug and Play' (UPNP). By default, Windows XP has this function enabled. Some more recent routers use it as well. UPNP is designed to allow network devices to configure themself automatically.
Add a comment

CVE Links

CVE # Description
CVE-2001-876 "Buffer overflow in Universal Plug and Play (UPnP) on Windows 98