I have been told by the University it is under serious attack (as are
lots of other institutions and servers) by the latest Zero-day
exploiting Apache Log4j logging library... Does anyone know if our
logging using Log4net is impacted (or linked in some way to the
libraries) or that we might be vulnerable?
here are the notes sent to those running servers by our tech team today...
I suspect that you will have heard of the latest zero-day exploit to
hit the news - the Apache Log4j logging library, used by a large
number of both open source and proprietary software, can be easily
exploited to take control of vulnerable systems remotely. We are
already seeing a large number of probes against the systems that we
manage, testing for their vulnerability to this exploit. We are
confident that your system(s) are similarly being probed.
The University has put in place some protection against this
vulnerability, but it is crude protection and expected to be worked
around fairly swiftly. The only real protection is to take
vulnerable systems off-line until they are patched.
Identifying whether a system is vulnerable to this exploit is non
trivial as Log4j is commonly shipped in a JAR file with an
application - it is not just as simple as checking (with rpm or
dpkg) which version of Log4j is installed on the system.
The following web-site includes a list of software which is known to
be affected -
https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/.
Guidance from the National Cyber Security Centre is available at :-
https://www.ncsc.gov.uk/news/apache-log4j-vulnerability
_______________________________________________
Opensim-dev mailing list
Opensim-dev@opensimulator.org
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
