Worst Apache Log4j RCE Zero day Dropped on Internet Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet Is my understanding - that Log4j v1.2 - is not vulnerable to the jndi-remote-code execution bug correct? Log4j 1.2 appears to have a vulnerability in the socket-server class, but my understanding is that it needs to be enabled in the first place for it to be applicable and hence is not a passive threat unlike the JNDI-lookup vulnerability which the one identified appears to be. The question is, while the posts on the Internet indicate that Log4j 1.2 is also vulnerable, I am not able to find the relevant source code for it.Īm I missing something that others have identified? The Activity Monitor application isn't showing any specific disk I/O happening, and I have no reason to believe that there's anything wrong with the enclosure itself.With regard to the Log4j JNDI remote code execution vulnerability that has been identified CVE-2021-44228 - (also see references) - I wondered if Log4j-v1.2 is also impacted, but the closest I got from source code review is the JMS-Appender. I keep a lot of things on this drive and not being able to access any of these files is, as you might imagine, a very large problem.Īlso, when the drive is connected, BlackMagic Disk Speed Test is showing a read/write speed of 150/190MB/s, which is WAY lower than its usual speed of 900/880, which also tells me that something is chewing up a lot of bandwidth on it. Previously I'd only see this happen when putting the drive under extreme load, but now even without doing anything on the drive it ends up disconnecting within minutes (with a "Disk Not Ejected Properly" error), making the external drive completely useless. Ever since upgrading to macOS 12.0, the enclosure runs extremely hot even with no actual drive activity, to the point that it overheats and disconnects. I have an nVME SSD connected to my M1 Mac mini via a USB 3.1 enclosure.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |