Jump to content
MaxCheaters Official Group on Discord
-> Place your ad text here <-
We're Rebuilding – Join Our Staff Team

Log4J Breach

HyperBlown

By HyperBlown
in General Discussion [English]

 Share

Recommended Posts

HyperBlown Proficient

HyperBlown

Posted
Posted (edited)

As you guys may or not know already, the often used "Log4j" Library has been compromised and I Strongly recommend your devs or yourself to take immediate action into updating this library or using something else.
If you dont know what to do, and you are more than sure that you are using this library, you can simply disable any logging that an user has "direct" access to it. For example Chat log, since players can talk whatever they want and it will be processed by the log4j engine.

For more info read it here:
https://www.kaspersky.com/blog/log4shell-critical-vulnerability-in-apache-log4j/43124/

https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/

 

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

unknown.png

Edited by HyperBlown
  • Thanks 2
  • Upvote 1
Tryskell Rising Star

Tryskell

Posted
Posted

L2J team is aware of that issue since 3 days.

 

About aCis, we never used that library no matter the revision, but I'm aware some forks of my project migrated to it.

 

You can solve the exploit updating log4j lib ASAP to the version 2.15.x and superior.

 

Added to @HyperBlown links, more infos here : https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/

 

PS : that library is used everywhere, so consider to review your whole server if you own and run multiple services holding Java projects.

  • Upvote 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • Ave
      ⚜ Custom UPDATER / LAUNCHER ⚜

      By Ave · Posted

      Are You working on a serious server project? Get Yourself a proper Updater / Launcher!   
    • EUSOUOMESTREDOSMAGOS
      The character stops walking when using a mana potion.

      By EUSOUOMESTREDOSMAGOS · Posted

      The character stops walking when using a mana potion. any can help me?   IemData item_begin    etcitem    728    [mana_potion]    item_type=etcitem    slot_bit_type={none}    armor_type=none    etcitem_type=potion    recipe_id=0    blessed=0    weight=180    default_action=action_skill_reduce    consume_type=consume_type_stackable    initial_count=1    maximum_count=20    soulshot_count=0    spiritshot_count=0    reduced_soulshot={}    reduced_spiritshot={}    reduced_mp_consume={}    immediate_effect=1    price=0    default_price=2000    item_skill=[s_mana_potion]    critical_attack_skill=[none]    attack_skill=[none]    magic_skill=[none]    item_skill_enchanted_four=[none]    material_type=liquid    crystal_type=none    crystal_count=0    is_trade=1    is_drop=1    is_destruct=1    physical_damage=0    random_damage=0    weapon_type=none    can_penetrate=0    critical=0    hit_modify=0    avoid_modify=0    dual_fhit_rate=0    shield_defense=0    shield_defense_rate=0    attack_range=0    damage_range={}    attack_speed=0    reuse_delay=10000    mp_consume=0    magical_damage=0    durability=0    damaged=0    physical_defense=0    magical_defense=0    mp_bonus=0    category={}    enchanted=0    html=[item_default.htm]    equip_pet={@ALL_PET}    magic_weapon=0    enchant_enable=0    can_equip_sex=-1    can_equip_race={}    can_equip_change_class=-1    can_equip_class={}    can_equip_agit=-1    can_equip_castle=-1    can_equip_castle_num={}    can_equip_clan_leader=-1    can_equip_clan_level=-1    can_equip_hero=-1    can_equip_nobless=-1    can_equip_chaotic=-1    item_end   SkillData   skill_begin    skill_name=[s_mana_potion]    skill_id=50004    level=1    operate_type=A2    magic_level=1    effect={{t_mp;57;3}}    is_magic=0    mp_consume2=0    cast_range=-1    effective_range=-1    skill_hit_time=0    skill_cool_time=0    skill_hit_cancel_time=0    reuse_delay=0    activate_rate=-1    lv_bonus_rate=0    basic_property=none    abnormal_time=15    abnormal_lv=1    abnormal_type=mp_recovery    attribute=attr_none    effect_point=0    target_type=self    affect_scope=single    affect_limit={0;0}    next_action=none    debuff=0    ride_state={@ride_none}    skill_end  
    • Anto1988
      WTS/WTB L2REBORN / E-Global x Lu4 TOP PRICE

      By Anto1988 · Posted

      scammer
    • Asocks
      PREMIUM RESIDENTIAL AND MOBILE PROXY | GET 3 GBS FOR FREE

      By Asocks · Posted

      To get a promo code, reply in this thread!
    • L2Valkyria007
      [L2J] L2Valkyria

      By L2Valkyria007 · Posted

      Valkyria is online!

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock