I just got an emai from cloudflare, but unfortunately I couldn't find any information whether the panel uses log4j or not. Сan someone from the developers clarify? https://blog.cloudflare.com/cve-2021-44 ... itigation/
thanks!
Log4j RCE 0-day mitigation - should keyhelp users be worried? [SOLVED]
-
- Posts: 37
- Joined: Thu 26. Jul 2018, 08:51
Re: Log4j RCE 0-day mitigation - should keyhelp users be worried?
I have checked on a clean system, I think, its not installed or enabled by default (liblog4j2-java).
More from the devs of KH.
More from the devs of KH.
The software said: Requires Win Vista®, 7®, 8® or better. And so I installed Linux.
Re: Log4j RCE 0-day mitigation - should keyhelp users be worried?
When I do
I am getting as a result the keys of /var/log/apache2/keyhelp/other_vhosts_access.log. Is that something to be worried about or what can be done?
Code: Select all
egrep -i -r '\$\{jndi:(ldap[s]?|rmi)://' /var/log
Re: Log4j RCE 0-day mitigation - should keyhelp users be worried? [SOLVED]
KeyHelp itself does not use Java and therefore does not use this lib.
There may be additional software running on your server using Java, depending on the applications you are running, but they are not related to KeyHelp.
---
You should ask yourself, do you use Java on your system? - Than it can either be ignored or you have to take necessary steps.
---
KeyHelp is running apt-get update && apt-get upgrade on a regular basis (see maintenance intervals in KeyHelp). Even if you have some Java applications on your server the issue should be fixed automatically soon.
There may be additional software running on your server using Java, depending on the applications you are running, but they are not related to KeyHelp.
---
These are just bots trying to see if your server is vulnerable to an attack on this library.Tobi_BB21 wrote: ↑Sat 11. Dec 2021, 21:55I am getting as a result the keys of /var/log/apache2/keyhelp/other_vhosts_access.log. Is that something to be worried about or what can be done?Code: Select all
egrep -i -r '\$\{jndi:(ldap[s]?|rmi)://' /var/log
You should ask yourself, do you use Java on your system? - Than it can either be ignored or you have to take necessary steps.
---
KeyHelp is running apt-get update && apt-get upgrade on a regular basis (see maintenance intervals in KeyHelp). Even if you have some Java applications on your server the issue should be fixed automatically soon.
Mit freundlichen Grüßen / Best regards
Alexander Mahr
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
Alexander Mahr
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************