Kiwi Syslog server version 9.6.7 is running 'Ultidev Casini web server pro' as part of its application stack, however on ports 5677 and 7756 this application display debug and system information relating to the server. This information include system names, application paths, and details on running applications. Such information could be used by a malicious actor planning a man in the middle attack.
The release notes and System installation guide specifically mentions that port 7756 is no longer used. Excerpts from the release notes
"Versions of Kiwi Syslog Server prior to 9.2.1 are installed with the Ultidev Cassini Web Server Explorer, which uses an additional port TCP 0.0.0.0:7756. Kiwi Syslog Server no longer users Cassini Web Server Explorer and this port. "
This is contrary to the release notes and after I have installed version 9.6.7 , I can still see the listening port 5677 and 7566 is opened.
Is there a way to disable that?
Regards
Neeraj SHARMA