Port 5432/tcp is the default listener for the PostgreSQL database server, registered with IANA as postgresql with the description "PostgreSQL Database." The registration dates to a request on the pgsql-hackers mailing list around 2001, and PostgreSQL's own protocol documentation states that 5432 "has been registered with IANA as the customary TCP port number for servers supporting this protocol"; the number itself carries no special meaning beyond having been free at the time. The protocol is a message-based frontend/backend wire protocol over TCP or Unix sockets: the client opens with a startup message declaring the protocol version (3.0 since PostgreSQL 7.4, with 3.2 introduced in PostgreSQL 18), and the server forks a dedicated backend process per connection. Authentication methods include trust, password, md5, and the modern recommended scram-sha-256. The IANA reference field for 5432 is blank, so no RFC is tied to the assignment. Security-wise, exposed instances are brute-forced, and a misconfigured pg_hba.conf — particularly trust authentication on a public interface — yields unauthenticated access; CVE-2019-9193 describes the "COPY FROM/TO PROGRAM" capability that lets a superuser or suitably privileged role run arbitrary OS commands, which the PostgreSQL project characterizes as intended privileged functionality rather than a vulnerability, though it is widely used as a post-authentication RCE primitive. Containerized Postgres is frequently exposed through careless Docker port mappings. For an analyst, a public 5432 is a misconfiguration and a high-priority finding — check for default postgres credentials, trust auth, and superuser exposure.

IANA assignment

postgresql — "PostgreSQL Database"; reference (blank — no RFC cited in IANA registry); assignee/contact blank in the registry row [IANA-assigned] — IANA Service Name and Transport Protocol Port Number Registry

Range class

registered (1024–49151)

Primary use

default PostgreSQL server listener [Well-established] — PostgreSQL protocol docs

Other/unofficial uses

second instances commonly use 5433; poolers (PgBouncer, Pgpool) front 5432 [Well-established]

Prevalence

common open database port (de-facto, nmap-services) [Well-established] — nmap-services file

Security implications

brute-force; pg_hba.conf trust-auth misconfig → unauthenticated access; CVE-2019-9193 COPY FROM/TO PROGRAM (intended privileged functionality per the project; widely used post-auth RCE); SCRAM-SHA-256 + TLS recommended [Well-established/Threat-reported] — NVD, PostgreSQL docs

Typically seen on

database servers, application backends (Django/Rails/Spring), Docker/Kubernetes containers, managed-DB endpoints

Related ports

5433 (common second instance); pooler ports (PgBouncer/Pgpool, site-defined)

Analyst note

A public 5432 is a misconfiguration and high-priority finding; check for default postgres credentials, trust auth, and superuser exposure.