Welcome to Centmin Mod Community
Become a Member

Security Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit (Log4Shell)

Discussion in 'System Administration' started by Revenge, Dec 11, 2021.

  1. Jimmy

    Jimmy Premium Member Premium Member

    1,759
    380
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +966
    Local Time:
    7:49 AM
    1.17.x
    MariaDB 10.3.x
    Yup.

     
  2. eva2000

    eva2000 Administrator Staff Member

    47,899
    10,930
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,985
    Local Time:
    10:49 PM
    Nginx 1.21.x
    MariaDB 10.x
  3. Jimmy

    Jimmy Premium Member Premium Member

    1,759
    380
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +966
    Local Time:
    7:49 AM
    1.17.x
    MariaDB 10.3.x
  4. eva2000

    eva2000 Administrator Staff Member

    47,899
    10,930
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,985
    Local Time:
    10:49 PM
    Nginx 1.21.x
    MariaDB 10.x
    Another log4j vulnerability was discovered (CVE-2021-44832) so v2.17.0 is not longer secure. Folks need to update to log4j v2.17.1 so Elasticsearch search may need another update?

    https://logging.apache.org/log4j/2.x/

    https://nvd.nist.gov/vuln/detail/CVE-2021-44832

     
  5. Jimmy

    Jimmy Premium Member Premium Member

    1,759
    380
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +966
    Local Time:
    7:49 AM
    1.17.x
    MariaDB 10.3.x
    The Neverending Story III

    p18926_p_v10_ab.jpg
     
    Last edited: Jan 1, 2022