
Zeroday in ubiquitous Log4j tool poses a grave threat to the Internet

Lightwreather
1 hour ago, arcanekand said:

here is a list of affected devices/applications and security bulletins: https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

 

check the list to see if you have any affected devices/apps

Please note that that's not a list of affected programs. It's a list of info about programs.

For example 7-Zip is on the list, not because it is vulnerable but because the developer replied that they are not vulnerable. Same goes for Palo Alto. The link to their site basically just says "none of our products are affected".

The list also contains a lot of speculation that hasn't been confirmed or denied. For example 3CX which is on the list was just someone on the forum that found some files related to log4j but it has not been confirmed if they are even used.

 

It's a nice list, but be careful with how you interpret it.


29 minutes ago, LAwLz said:

The list also contains a lot of speculation that hasn't been confirmed or denied.

In this case I'd say it is a good idea to presume the worst...


On 12/17/2021 at 6:13 AM, WolframaticAlpha said:

and the vulnerability has been patched.

 

but wait, the patch is semi-useless

And NOW 2.16 is vulnerable

On to 2.17 we go!

 

https://thehackernews.com/2021/12/apache-issues-3rd-patch-to-fix-new-high.html


14 minutes ago, jagdtigger said:

At least it's not a trivial remote code execution if I understand it correctly...

Yah, the 2.16 issue requires specific configs that aren't default at least.


2 minutes ago, Lurick said:

Yah, the 2.16 issue requires specific configs that aren't default at least.

Good, then I don't have to shut down my minecraft server... 😎


Maybe a little info for all of you who are still trying to find out if you have a vulnerable Java application running on your Linux server. Just check the output of the following command. If it outputs versions 2.10 ≤ X ≤ 2.16, your Java version is affected and you should take further action.

find / -type f -regex '.*log4j.*\.jar' -exec sh -c 'unzip -p "$1" META-INF/MANIFEST.MF | grep Implementation-Version' sh {} \;

 

This is not a guarantee, but may make the research a little easier.
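
The one-liner in the post above only reads jars that sit directly on disk. As an added example (not part of the original post), this Python script applies the same manifest check and goes further by also looking inside nested archives such as fat jars and WARs. The function names, the `.war`/`.ear` suffixes and the depth and size limits are assumptions of the example; the affected range is the one the post states.

```python
import io, re, sys, zipfile
from pathlib import Path

AFFECTED_MIN, AFFECTED_MAX = (2, 10), (2, 16)  # range stated in the post above
SUFFIXES = (".jar", ".war", ".ear")
MAX_DEPTH, MAX_NESTED = 4, 256 * 1024 * 1024  # assumed limits: nesting depth, entry size

def is_affected(version):
    """True if major.minor of `version` lies in the post's range."""
    m = re.match(r"(\d+)\.(\d+)", version)
    return bool(m) and AFFECTED_MIN <= (int(m[1]), int(m[2])) <= AFFECTED_MAX

def manifest_version(zf):
    """Implementation-Version from META-INF/MANIFEST.MF, or None."""
    if "META-INF/MANIFEST.MF" not in zf.namelist():
        return None
    text = zf.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
    m = re.search(r"^Implementation-Version:\s*(\S+)", text, re.M)
    return m.group(1) if m else None

def scan_archive(data, label, depth=0):
    """Return (label, version, affected) for log4j jars, nested ones included."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []
    hits = []
    with zf:
        if "log4j" in label.rsplit("/", 1)[-1].lower():
            version = manifest_version(zf)
            if version:
                hits.append((label, version, is_affected(version)))
        for info in zf.infolist() if depth < MAX_DEPTH else []:
            if info.filename.lower().endswith(SUFFIXES) and info.file_size <= MAX_NESTED:
                inner = f"{label}!/{info.filename}"
                hits += scan_archive(zf.read(info), inner, depth + 1)
    return hits

def scan_tree(root):
    hits = []
    for path in Path(root).rglob("*"):
        try:  # unreadable or corrupt archives are skipped
            if path.suffix.lower() in SUFFIXES and path.is_file():
                hits += scan_archive(path.read_bytes(), str(path))
        except (OSError, RuntimeError, zipfile.BadZipFile):
            continue
    return hits

if __name__ == "__main__":
    for label, version, affected in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{'AFFECTED' if affected else 'ok':8} {version:12} {label}")
```

Like the original command, it only finds copies whose file name contains `log4j` and that still carry a manifest, so shaded or repackaged classes are not detected.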
