0x18 Apache Log4Shell

Update: 2021-12-22

Description

Beschreibung:

Wir schließen uns dem Mainstream an und reden über Apache Log4Shell. Wir erklären die technischen Details und was zum aktuellen Zeitpunkt bekannt ist. Viel Spaß beim Hören!

Shownotes:

Apache Log4j Security Vulnerabilities

BSI: Kritische Schwachstelle in log4j veröffentlicht

CVE-2021-44228 (CVSS 10.0)

CVE-2021-45105 (CVSS 7.5)

CVE-2021-45046 (CVSS 9.0)

CVE-2021-4104 (CVSS 8.1)

Segfault.fm Episode 0x07 Memory Corruption 1

JNDI Lookup plugin support

Zero-Day Exploit Targeting Popular Java Library Log4j

Verwundbarer Docker-Container

Log4Shell log4j vulnerability - cheat-sheet reference guide

YT: A Journey From JNDI/LDAP Manipulation (Black Hat 2016)

Exploitation of Log4j CVE-2021-44228 before public disclosure

Tweet from Volkan Yazici

Mind map: Am I vulnerable to Log4Shell?

LiveOverflow: Hackers vs. Developers (Log4Shell)

Tweet from DaRenegader

Comments

In Channel

0x28 xz - You owe Freund a beer!

2024-04-0601:52:08

0x27 Dickpics in der Ubahn

2024-01-3102:11:43

0x26 Responsible Release

2023-12-1302:10:08

0x25 Don't get me started! (2023-10)

2023-10-3002:39:46

0x24 Monthly (2023-07)

2023-08-0102:11:19

0x23 Monthly (2023-06)

2023-06-2502:13:46

0x22 Monthly (2023-02)

2023-02-2802:35:11

0x21 Monthly (2022-12)

2023-01-0702:39:22

0x20 Monthly (2022-10/11)

2022-11-2602:59:33

0x1f Sackvoll.fm (2022-09)

2022-10-0302:15:12

0x1e Monthly Episode (2022-08)

2022-08-3102:41:11

0x1d Monthly Episode (2022-07)

2022-07-3102:10:47

0x1c Meta Update

2022-06-3013:09

0x1b Netzsperren

2022-04-1403:16:45

0x1a Netzwerksicherheit1

2022-03-0102:26:03

0x19 rC3 NOWHERE

2022-01-2801:18:31

0x18 Apache Log4Shell

2021-12-2201:37:29

0x17 E-Mail Security

2021-10-2902:20:10

0x16 DNS Security

2021-07-3002:56:39

0x15 Crypto Messenger

2021-06-2902:20:09

00:00

#box-pro-ellipsis-176662019309369{-webkit-line-clamp:2;}0x18 Apache Log4Shell

0x18 Apache Log4Shell

Florian und Daniel

0x18 Apache Log4Shell