Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4Shell（CVE-2021-44228）related attacks IOCs 源IP使用Apache Log4j RCE尝试攻击，其中包含很大部分Tor节点，详见Attack-IP.md 利用log4j漏洞传播的恶意程序、Botnet等IOC详见IOC-C2.md Snort检测规则详见Snort.md Suricata规则详见Suricata.md...

Security Bulletin: Log4jShell Vulnerability affects IBM SPSS Statistics Server (CVE-2021-44228)

Summary There is a vulnerability in the version of Log4j that is part of IBM SPSS Statistics Server. IBM SPSS Statistics Server has addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...

Security Bulletin: Log4Shell Vulnerability affects IBM SPSS Statistics Desktop (CVE-2021-44228)

Summary There is a vulnerability in the version of Log4j that is part of IBM SPSS Statistics Desktop. IBM SPSS Statistics Desktop has addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...

Security Bulletin: Vulnerability in Apache Log4j affects Content Collector for IBM Connections (CVE-2021-44228)

Summary Apache Log4j open source library is used by Content Collector for IBM Connections. The vulnerability affects the Content Collector AFUKnowledgeCenter component. This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID: CVE-2021-44228...

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects MaaS360 Enterprise Gateway

Summary There is a vulnerability in the Apache Log4j open source library. This library is not used within the MaaS360 Enterprise Gateway code, but is contained within the package of the MaaS360 Enterprise Gateway module. The Enterprise Gateway module is contained within the MaaS360 Cloud Extender...

SUSE-SU-2021:14866-1 Security update for log4j

This update for log4j fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

OPENSUSE-SU-2021:4109-1 Security update for logback

This update for logback fixes the following issues: Upgrade to version 1.2.8 + In response to log4Shell/CVE-2021-44228, all JNDI lookup code in logback has been disabled until further notice. This impacts ContextJNDISelector and insertFromJNDI element in configuration files. + Also in response to...

Security Bulletin: Vulnerability in Apache Log4j affects IBM SPSS Analytic Server (CVE-2021-44228)

Summary There is a vulnerability in the version of Apache Log4j that was installed in IBM SPSS Analytic Server. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, cause...

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Common Licensing's License Key Server (LKS) Administration And Reporting Tool (ART) and its Agent

Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM LKS Administration And Reporting Tool and its Agent. A fix is available to address the vulnerability. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a...

Security Bulletin: Apache Log4j Vulnerability Affects IBM Sterling Connect:Direct for UNIX (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library versions used by IBM Sterling Connect:Direct for UNIX. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on t...

Security Bulletin: Vulnerability in Apache Log4j2 affects IBM Spectrum LSF. (CVE-2021-44228)

Summary There is a vulnerability in Log4j2 used by IBM Spectrum LSF. IBM Spectrum LSF have addressed the applicable CVE. LSF is only vulnerable if resource connector is enabled. Customers are encouraged to take action by executing the mitigation steps. Vulnerability Details CVEID: CVE-2021-44228...

Security Bulletin: Vulnerabilities in Apache Log4j affect IBM App Connect for Manufacturing 2.0 (CVE-2021-44228)

Summary Vulnerabilities in Apache Log4j affect IBM App Connect for Manufacturing 2.0. An attacker who can control log messages or log message parameters can execute arbitrary code leading to Remote Code Execution RCE attacks. IBM App Connect for Manufacturing 2.0 has addressed the vulnerability...

Security Bulletin: Vulnerability in Apache Log4j affects Collaboration and Deployment Services (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library which is used by Collaboration and Deployment Services for logging of messages and traces. This issue has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to...

Security Bulletin: Vulnerability in Apache Log4j affects IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library. The library is used by IBM CloudPak foundational services which is a dependency of IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could all...

Apache Log4Shell RCE detection via callback correlation (Direct Check POP3)

Binary data apachelog4shellpop3.nbin...

Security update for logback (important)

openSUSE Security Update: Security update for logback Announcement ID: openSUSE-SU-2021:4109-1 Rating: important References: 1193795 Cross-References: CVE-2021-44228 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...

Apache Log4Shell RCE detection via callback correlation (Direct Check SSH)

Binary data apachelog4shellssh.nbin...

Apache Log4Shell RCE detection via callback correlation (Direct Check Telnet)

Binary data apachelog4jjdnildapgenerictelnet.nbin...

Apache Log4Shell CVE-2021-45046 Bypass Remote Code Execution

Binary data apachelog4shellCVE-2021-45056directcheck.nbin...

Apache Log4Shell RCE detection via callback correlation (Direct Check SMTP)

Binary data apachelog4shellsmtp.nbin...