Recent content by jasonmicron
-
CVE-2021-44228 - Log4j RCE 0-day
Here. https://nvd.nist.gov/vuln/detail/CVE-2021-4104 Disclosed by Red Hat. Here is the original disclosure: https://access.redhat.com/security/cve/CVE-2021-4104- jasonmicron
- Post #32
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
Hmm. Forgot about Sasser. Nice reminder @ForkWNY ! https://en.wikipedia.org/wiki/Sasser_%28computer_worm%29?wprov=sfla1 As I've learned more about this vulnerability I think it is indeed more critical than initially thought. Not because of the method to remediate - we already know that's easy...- jasonmicron
- Post #24
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
IMO it can be pretty bad because, unless you're the app developer, you need to wait for the developer to implement those mitigations. And then apply their patch. Yes, it does seem easy to mitigate ourselves manually but if the app has an update that overwrites your mitigations then it is sort...- jasonmicron
- Post #23
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
Oh we have... yea, dunno how this affects 1.2. But it's been a busy weekend and first workday after the weekend. There are a ton of nooks and crannies to check.- jasonmicron
- Post #19
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
I think the consensus here is that you don't need to worry about it. The ASUS firmware doesn't appear to utilize this java feature. If you swapped out your routers, and if ASUS did utilize log4j, you wouldn't gain anything by swapping hardware other than an angry family because you took down...- jasonmicron
- Post #16
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
I think you're referring to Slammer: https://www.wired.com/2003/07/slammer/ Yea, that was ... bad. I agree w/ ya, I don't think this is anywhere near as bad as people think, but it is still a huge exposure due to the amount of java-based webapps out on the internet. Personally, I'd love it if...- jasonmicron
- Post #13
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
Yep - but admittedly I haven't looked at the code ASUS developed to know whether or not they use log4j. I'm feeling positive that Merlin has, and he says we're good. So that's good enough for me, for now. We don't know for sure though unless we see the source, and I'm assuming the underlying...- jasonmicron
- Post #11
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
You're misunderstanding the issue. You can log whatever you want in your own way. The issue is the underlying software provided from ASUS. This probably isn't the "worst threat in modern computing" but it is certainly in the top 5. The magnitude of this is pretty heavy. A lot of software...- jasonmicron
- Post #9
- Forum: General Network Security
-
CVE-2021-44228 - Log4j RCE 0-day
Came here to ask this same question. Ubiquiti routers are definitely affected: https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 We use those at our office, which made me wonder if the ASUS firmware also utilizes the log4j library. Just...- jasonmicron
- Post #8
- Forum: General Network Security
