Port: TCP 1524
Vulnerability: Ingreslock is used legitimately to lock parts of an Ingres database. However, there are known trojans that also use port 1524 as a backdoor into a system. Some sysadmins allow this port to be open thinking it is needed.
Mitigation: Lock down this port at the firewall, and scan your systems to make sure connections aren’t being made here.
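One way to run the scan described in the mitigation, as an added example that is not part of the original write-up: a shell function that reads `ss -Htan` output and reports listeners and connections on TCP 1524. The function names, the use of `ss`, and the sample lines (documentation-range addresses) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag sockets that involve TCP 1524 (ingreslock).
PORT=1524

# check_ingreslock: reads `ss -Htan` lines on stdin
# (State Recv-Q Send-Q Local:Port Peer:Port) and prints one finding per socket.
check_ingreslock() {
    awk -v port="$PORT" '
        {
            # The port is whatever follows the last colon, which also
            # handles IPv6 forms such as [::]:1524.
            lp = $4; sub(/.*:/, "", lp)
            rp = $5; sub(/.*:/, "", rp)
            if (lp == port && $1 == "LISTEN")
                print "LISTENER " $4
            else if (lp == port)
                print "INBOUND " $5 " -> " $4 " (" $1 ")"
            else if (rp == port)
                print "OUTBOUND " $4 " -> " $5 " (" $1 ")"
        }'
}

# Constructed sample input, not captured from a real host.
# Port 51524 is included to show that only an exact port match is reported.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:1524 0.0.0.0:*
ESTAB 0 0 192.0.2.10:1524 198.51.100.7:40112
ESTAB 0 0 192.0.2.10:22 198.51.100.7:51524
LISTEN 0 5 [::]:1524 [::]:*
ESTAB 0 0 192.0.2.10:45000 203.0.113.5:1524
EOF
}

# On a live host: ss -Htan | check_ingreslock
sample_ss_output | check_ingreslock
```

Any LISTENER line on a host that does not run Ingres deserves investigation, as does any INBOUND line.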
Proof of Concept
This vulnerability falls into the same group as telnet and rlogin, in the sense that it can be used as an unintentional backdoor. All you need to do is connect to the port to gain access to the victim’s machine. You will be logged in with the same rights as the user the service is running as.
1. Start up a terminal session, and use telnet to connect to this port on the Metasploitable VM:
Another session as root!