References: Siemens Gigaset SE461 WiMAX router 1.5-BL0, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection. References: Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than. Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
Bonk (DoS) trojan horse also uses port 53 (TCP). Xbox LIVE uses ports 53 tcp/udp, 80 tcp, 88 udp, 3074 tcp/udp. Scans for systems vulnerable to the exploit on port 1025/tcp. Connects to an FTP server on port 21211/tcp. Listens for remote commands on port 53/tcp. () - a worm that exploits the MS Distributed Transaction Coordinator Remote exploit (MS Security Bulletin ). Some trojans also use this port: ADM worm, li0n, MscanWorm, MuSka52. There are some attacks that target vulnerabilities within DNS servers. Apple MacDNS, FaceTime also use this port. Threat/application/port search: Port(s) Protocol Service Details Source 53 tcp,udp DNS DNS (Domain Name Service) is used for domain name resolution.
