I was pointed to this by the by TWIT site post by Steve Gibson, pass it along for some good info about the Log4j problems.
LOG4J LOG4SHELL RESOURCE CENTER
JFrog Log4j vulnerabilites
Resources at your fingertips
The Log4j & Log4shell vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers. Understand Log4j Log4Shell exploitation vectors, learn exactly what’s vulnerable, and discover remediations about this zero-day vulnerability. .... '
No comments:
Post a Comment