Hi,
Since I cannot find anything about the Log4j exploit on the forum yet, I thought I might start a post.
Is the efa project affected by this exploit? And if so, what parts?
Kind regards,
Hendrik
Log4j exploit
-
- Posts: 9
- Joined: 12 Feb 2020 22:37
Re: Log4j exploit
I would also like to know the answer to this. Thanks all.
-
- Posts: 9
- Joined: 12 Feb 2020 22:37
Re: Log4j exploit
Hello All,
My anecdotal evidence is showing that there is no presence of Log4j in EFA. I am running 4.0.4
I ran all these commands to search for the presence of Log4j and all commands returned nothing/no-presence.
Presence of Log4j:
sudo grep -r --include "*.jar" JndiLookup.class /
sudo find / -name log4j-core-*.jar
sudo locate log4j|grep -v log4js
Detection of exploitation attempts of the vulnerability in your logs:
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
Someone please double check this!
TY,
ChrisBruce
My anecdotal evidence is showing that there is no presence of Log4j in EFA. I am running 4.0.4
I ran all these commands to search for the presence of Log4j and all commands returned nothing/no-presence.
Presence of Log4j:
sudo grep -r --include "*.jar" JndiLookup.class /
sudo find / -name log4j-core-*.jar
sudo locate log4j|grep -v log4js
Detection of exploitation attempts of the vulnerability in your logs:
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
Someone please double check this!
TY,
ChrisBruce
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Log4j exploit
No Java in use on eFa. It is primarily PHP and perl, with some compiled things in C and a sprinkle of bash scripting. In other words, 100% decaffeinated.
-
- Posts: 9
- Joined: 15 Mar 2015 16:34
Re: Log4j exploit
Excellent! Thanks for confirming.
Re: Log4j exploit
what about EFA3??
anyone know ?
Not had chance, I have plan to replace with EFA4 over Christmas
anyone know ?
Not had chance, I have plan to replace with EFA4 over Christmas
Re: Log4j exploit
EFA3 used even less JAVA, so unless you've installed JAVA in your V3 vm, you're all good.