Log4j exploit

General eFa discussion
Post Reply
Hendrik
Posts: 1
Joined: 12 Dec 2021 23:46

Log4j exploit

Post by Hendrik »

Hi,

Since I cannot find anything about the Log4j exploit on the forum yet, I thought I might start a post.

Is the efa project affected by this exploit? And if so, what parts?

Kind regards,
Hendrik
chrisbruce
Posts: 9
Joined: 12 Feb 2020 22:37

Re: Log4j exploit

Post by chrisbruce »

I would also like to know the answer to this. Thanks all.
chrisbruce
Posts: 9
Joined: 12 Feb 2020 22:37

Re: Log4j exploit

Post by chrisbruce »

Hello All,

My anecdotal evidence is showing that there is no presence of Log4j in EFA. I am running 4.0.4

I ran all these commands to search for the presence of Log4j and all commands returned nothing/no-presence.

Presence of Log4j:
sudo grep -r --include "*.jar" JndiLookup.class /
sudo find / -name log4j-core-*.jar
sudo locate log4j|grep -v log4js


Detection of exploitation attempts of the vulnerability in your logs:
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

Someone please double check this!

TY,
ChrisBruce
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Log4j exploit

Post by shawniverson »

No Java in use on eFa. It is primarily PHP and perl, with some compiled things in C and a sprinkle of bash scripting. In other words, 100% decaffeinated. :lol:
The_Penguin
Posts: 9
Joined: 15 Mar 2015 16:34

Re: Log4j exploit

Post by The_Penguin »

:clap:
Excellent! Thanks for confirming.
bas60
Posts: 57
Joined: 04 Feb 2014 13:58

Re: Log4j exploit

Post by bas60 »

what about EFA3??

anyone know ?

Not had chance, I have plan to replace with EFA4 over Christmas
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: Log4j exploit

Post by pdwalker »

EFA3 used even less JAVA, so unless you've installed JAVA in your V3 vm, you're all good.
Post Reply