Issue

URL requests to certain ports throw security errors in AdobeFlash Player 9.0.115.0 and higher.

Reason

A security change has been made in Adobe Flash Player 9.0.115.0 to block commonly reserved ports (to prevent malicious activity). If a port number is specified at the end of a URL (such as http://www.adobe.com:80), the port will be checked against a list of commonly reserved ports. If the port matches the following list, the network request will be rejected and a securityError event will be fired.

The following ports are considered reserved:

1 tcpmux

7 echo

9 discard

11 systat

13 daytime

15 netstat

17 qotd

19 chargen

20 ftp data

21 ftp control

22 ssh

23 telnet

25 smtp

37 time

42 name

43 nicname

53 domain

77 priv-rjs

79 finger

87 ttylink

95 supdup

101 hostriame

102 iso-tsap

103 gppitnp

104 acr-nema

109 POP2

110 POP3

111 sunrpc

113 auth

115 sftp

117 uucp-path

119 NNTP

123 NTP

135 loc-srv / epmap

139 netbios

143 IMAP2

179 BGP

389 LDAP

465 SMTP+SSL

512 print / exec

513 login

514 shell

515 printer

526 tempo

530 courier

531 chat

532 netnews

540 uucp

556 remotefs

563 NNTP+SSL

587 submission

601 syslog

636 LDAP+SSL

993 IMAP+SSL

995 POP3+SSL

2049 nfs

4045 lockd

6000 X11

Solution

Applications should move to a non-reserved port.

Keywords: kb402882

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy