Jump to content
--> Place your ad text here <--
Get Free Banners - Giveaway MaxCheaters.com
We're Rebuilding – Join Our Staff Team

Log4J Breach

HyperBlown

By HyperBlown
in General Discussion [English]

 Share

Recommended Posts

HyperBlown Proficient

HyperBlown

Posted
Posted (edited)

As you guys may or not know already, the often used "Log4j" Library has been compromised and I Strongly recommend your devs or yourself to take immediate action into updating this library or using something else.
If you dont know what to do, and you are more than sure that you are using this library, you can simply disable any logging that an user has "direct" access to it. For example Chat log, since players can talk whatever they want and it will be processed by the log4j engine.

For more info read it here:
https://www.kaspersky.com/blog/log4shell-critical-vulnerability-in-apache-log4j/43124/

https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/

 

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

unknown.png

Edited by HyperBlown
  • Thanks 2
  • Upvote 1
Tryskell Rising Star

Tryskell

Posted
Posted

L2J team is aware of that issue since 3 days.

 

About aCis, we never used that library no matter the revision, but I'm aware some forks of my project migrated to it.

 

You can solve the exploit updating log4j lib ASAP to the version 2.15.x and superior.

 

Added to @HyperBlown links, more infos here : https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/

 

PS : that library is used everywhere, so consider to review your whole server if you own and run multiple services holding Java projects.

  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • GX-Ext
      🌟 [RELEASE] Full Lineage 2 C4 Accumulative

      By GX-Ext · Posted

      just with this extender that I have shared it is not possible to start with c4 client, you have to make some changes to the extender and it works with c4 client perfectly. regarding the updates in this last revision   🔹dll is not packaged with vmprotect   New custom zone types have been added: 🔹 NO_NOBLESS begin MinX=84638 MaxX=92616 MinY=-87170 MaxY=-82018 MinZ=-6000 MaxZ=0 Type=NO_NOBLESS KickOutPos=83007/148057/-3464 end   ▶️ This zone checks if the character is noble. If it does not meet the condition, it will be automatically kicked to the indicated position (KickOutPos). 🔹 CUSTOM_SPAWN_ZONE begin MinX=77275 MaxX=85704 MinY=10122 MaxY=18066 MinZ=-8000 MaxZ=5000 Type=CUSTOM_SPAWN_ZONE OutPos=83007/148057/-3464 Spawns={{82984/18066/-5256}};{{79275/15147/-5248}};{{82922/14263/-5256}};{{83704/10122/-5288}} end ▶️ This zone allows characters, upon death, to respawn with full buff, CP, HP and MP if they press “Fixed”. They will only be able to revive in one of the positions defined in Spawns. 🔧 Both zones are fully configurable from territorydata.txt
    • EUSOUOMESTREDOSMAGOS
      🌟 [RELEASE] Full Lineage 2 C4 Accumulative

      By EUSOUOMESTREDOSMAGOS · Posted

      Could you tell me what changed in this update?   more one question: Is it possible to log in through the c4 client instead of interlude? That would be great  
    • SocNet
      ⭐SOCNET BOOST⭐ is a new solution among all SMM panels

      By SocNet · Posted

      ➡ Discount for your purchase: JULY2025 (11% discount) ➡ Our Online Shop: https://socnet.store  ➡ Our SMM-Boosting Panel: https://socnet.pro  ➡ Telegram Shop Bot: https://socnet.shop  ➡ Telegram Support: https://t.me/solomon_bog  ➡ Telegram Channel: https://t.me/accsforyou_shop  ➡ Discord Support: @AllSocialNetworksShop  ➡ Discord Server: https://discord.gg/y9AStFFsrh  ➡ WhatsApp Support: https://wa.me/79051904467 ➡ WhatsApp Channel: https://whatsapp.com/channel/0029Vau0CMX002TGkD4uHa2n  ➡ Email Support: solomonbog@socnet.store 
    • SocNet
      SOCNET | The Social Media acocunts at low prices!

      By SocNet · Posted

      ➡ Discount for your purchase: JULY2025 (11% discount) ➡ Our Online Shop: https://socnet.store  ➡ Our SMM-Boosting Panel: https://socnet.pro  ➡ Telegram Shop Bot: https://socnet.shop  ➡ Telegram Support: https://t.me/solomon_bog  ➡ Telegram Channel: https://t.me/accsforyou_shop  ➡ Discord Support: @AllSocialNetworksShop  ➡ Discord Server: https://discord.gg/y9AStFFsrh  ➡ WhatsApp Support: https://wa.me/79051904467 ➡ WhatsApp Channel: https://whatsapp.com/channel/0029Vau0CMX002TGkD4uHa2n  ➡ Email Support: solomonbog@socnet.store 
    • guarnieri2008
      🌟 [RELEASE] Full Lineage 2 C4 Accumulative

      By guarnieri2008 · Posted

      good job

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock