
CVE-2021-44832

Status Candidate

Overview

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.

Related Files

Red Hat Security Advisory 2022-0230-03
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0230-03 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
MD5 | 084de22d14f5a65e1c9d63020c592e36

Red Hat Security Advisory 2022-0227-04
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0227-04 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
MD5 | 3a4bcb056cbb168c9d65f218238669d3

Red Hat Security Advisory 2022-0225-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0225-02 - OpenShift Logging Bug Fix Release. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-44832
MD5 | ab9d0689445907fbdf241cce30190c22

Red Hat Security Advisory 2022-0226-04
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0226-04 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-27292, CVE-2021-44832
MD5 | 2c4e8d53ce421c3255a55d1f43ad3d0e

Red Hat Security Advisory 2022-0223-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0223-02 - A minor version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | 6bc4199bad97b783b4922788ca5c5950

Red Hat Security Advisory 2022-0222-02
Posted Jan 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0222-02 - This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | d1be0019086a6be6c1bc8b80127f872b

Red Hat Security Advisory 2022-0205-02
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0205-02 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | 249310a3218eabb14ac8f96341cf02fb

Red Hat Security Advisory 2022-0083-03
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0083-03 - This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | 8115225413fb52dab5125a938bf14b53

Red Hat Security Advisory 2022-0216-06
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0216-06 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | 4dfd66103fcec17ec4133287d128702e

Red Hat Security Advisory 2022-0203-03
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0203-03 - The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and include security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
MD5 | f8cf326403466dc2f8a13e4486c28735

Red Hat Security Advisory 2022-0138-06
Posted Jan 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0138-06 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-34429, CVE-2021-37136, CVE-2021-37137, CVE-2021-38153, CVE-2021-44832
MD5 | f1ca42919d11c547faef8accadf1ad46

Ubuntu Security Notice USN-5222-1
Posted Jan 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5222-1 - It was discovered that Apache Log4j 2 was vulnerable to a remote code execution attack when configured to use a JDBC Appender with a JNDI LDAP data source URI. A remote attacker could possibly use this issue to cause a crash, leading to a denial of service. Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2021-44832, CVE-2021-45105
MD5 | a4642f2677eb74683680d512a89d8e13
© 2020 Packet Storm. All rights reserved.