2.4 KiB
| title | published | taxonomy | media_order | date | aura | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Log4shell - Five Eyes published a scanner for everyone | true |
|
l4j.png | 26-12-2021 10:42 |
|
Log4shell
As you may have heard, since December 9 there is a severe vulnerability called Log4shell (and other Log4j-related vulnerabilities) that affects a wide range of Java applications. The "Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI" library.
Scanners
Five Eyes
The Five Eyes have published a scanner that is basically just a combination of other software and slightly changes:
As many in industry, we did not feel the need to "re-invent the wheel". This recommended scanning solution is derived from the great work of others (with slight modifications). We've included two additional projects to avoid using third-parties.
Everything is open sourced at https://github.com/cisagov/log4j-scanner Check your services if you can.
Anchore
There are also syft and grype provided by anchore.
Grafana's Loki
We use Loki from Grafana, which can be a very fast solution for identifying services with Log4j.
Just use the regular expression jndi and (?i)log4j.
See Grafanas statement.
Update your devices
If you have to wait for updates from hosters etc., check the news about them to see if they have already patched the vulnerability or if they are affected at all or not. Our services are not affected. Also update your devices (phones, laptop/desktop, servers, IoT...) as soon as possible, better now, which should be generally on a regular basis and now more than ever. There is a list that shows which software is affected or has a patch already available. Check it out.
How to
If you need help to check your software, we have a quick guide for the community. Otherwise contact us via email etc..
Stay safe - in real and virtual life