You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Turritopsis Dohrnii Teo En Ming <ce...@gmail.com> on 2021/12/16 14:28:57 UTC
How do I determine which hardware device and software has log4j zero-day security vulnerability?
Subject: How do I determine which hardware device and software has
log4j zero-day security vulnerability?
Good day from Singapore,
I am working for a Systems Integrator (SI) in Singapore. We have
several clients writing in, requesting us to identify log4j zero-day
security vulnerability in their corporate infrastructure.
It seems to be pretty difficult to determine which hardware device and
which software has the vulnerability. There seems to be no lists of
hardware devices and software affected by the flaw any where on the
internet.
Could you refer me to definitive documentation/guides on how to
identify log4j security flaw in hardware devices and software?
Thank you very much for your kind assistance.
Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021,
is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant
with a Systems Integrator (SI)/computer firm in Singapore. He is an IT
enthusiast.
-----BEGIN EMAIL SIGNATURE-----
The Gospel for all Targeted Individuals (TIs):
[The New York Times] Microwave Weapons Are Prime Suspect in Ills of
U.S. Embassy Workers
Link:
https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html
********************************************************************************************
Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's
Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts
at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan
(5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
[1] https://tdtemcerts.wordpress.com/
[2] https://tdtemcerts.blogspot.sg/
[3] https://www.scribd.com/user/270125049/Teo-En-Ming
-----END EMAIL SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: How do I determine which hardware device and software has log4j zero-day security vulnerability?
Posted by Lukasz Lenart <lu...@apache.org>.
niedz., 19 gru 2021 o 15:13 Turritopsis Dohrnii Teo En Ming
<ce...@gmail.com> napisał(a):
>
> Hi,
>
> What kind of commercial support?
They provide tools to monitor and alert subscribers about vulnerable
OSS libraries, I would ask Luis (in the previous message) about more
details.
Regards
--
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: How do I determine which hardware device and software has log4j zero-day security vulnerability?
Posted by Turritopsis Dohrnii Teo En Ming <ce...@gmail.com>.
Hi,
What kind of commercial support?
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
19 Dec 2021 Sunday
On Thu, 16 Dec 2021 at 23:17, Lukasz Lenart <lu...@apache.org> wrote:
>
> Hi,
>
> This rather a wrong place to ask such questions, I would suggest
> asking on the Log4j user list. You can also try to use a commercial
> support like for example here: https://explore.tidelift.com/log4shell
> and ask luis@tidelift.com for more information.
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> czw., 16 gru 2021 o 15:29 Turritopsis Dohrnii Teo En Ming
> <ce...@gmail.com> napisał(a):
> >
> > Subject: How do I determine which hardware device and software has
> > log4j zero-day security vulnerability?
> >
> > Good day from Singapore,
> >
> > I am working for a Systems Integrator (SI) in Singapore. We have
> > several clients writing in, requesting us to identify log4j zero-day
> > security vulnerability in their corporate infrastructure.
> >
> > It seems to be pretty difficult to determine which hardware device and
> > which software has the vulnerability. There seems to be no lists of
> > hardware devices and software affected by the flaw any where on the
> > internet.
> >
> > Could you refer me to definitive documentation/guides on how to
> > identify log4j security flaw in hardware devices and software?
> >
> > Thank you very much for your kind assistance.
> >
> > Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021,
> > is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant
> > with a Systems Integrator (SI)/computer firm in Singapore. He is an IT
> > enthusiast.
> >
> >
> >
> >
> >
> > -----BEGIN EMAIL SIGNATURE-----
> >
> > The Gospel for all Targeted Individuals (TIs):
> >
> > [The New York Times] Microwave Weapons Are Prime Suspect in Ills of
> > U.S. Embassy Workers
> >
> > Link:
> > https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html
> >
> > ********************************************************************************************
> >
> > Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's
> > Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts
> > at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan
> > (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
> >
> > [1] https://tdtemcerts.wordpress.com/
> >
> > [2] https://tdtemcerts.blogspot.sg/
> >
> > [3] https://www.scribd.com/user/270125049/Teo-En-Ming
> >
> > -----END EMAIL SIGNATURE-----
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: How do I determine which hardware device and software has log4j zero-day security vulnerability?
Posted by Turritopsis Dohrnii Teo En Ming <ce...@gmail.com>.
Thanks for the Youtube link. Will watch it later.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
19 Dec 2021 Sunday
On Thu, 16 Dec 2021 at 23:39, Zahid Rahman <za...@gmail.com> wrote:
>
> A simple two line Java program explaining the bug.
>
> https://youtu.be/0-abhd-CLwQ.
>
>
> Regards
>
>
>
>
> On Thursday, 16 December 2021, Lukasz Lenart <lu...@apache.org> wrote:
>>
>> Hi,
>>
>> This rather a wrong place to ask such questions, I would suggest
>> asking on the Log4j user list. You can also try to use a commercial
>> support like for example here: https://explore.tidelift.com/log4shell
>> and ask luis@tidelift.com for more information.
>>
>>
>> Regards
>> --
>> Łukasz
>> + 48 606 323 122 http://www.lenart.org.pl/
>>
>> czw., 16 gru 2021 o 15:29 Turritopsis Dohrnii Teo En Ming
>> <ce...@gmail.com> napisał(a):
>> >
>> > Subject: How do I determine which hardware device and software has
>> > log4j zero-day security vulnerability?
>> >
>> > Good day from Singapore,
>> >
>> > I am working for a Systems Integrator (SI) in Singapore. We have
>> > several clients writing in, requesting us to identify log4j zero-day
>> > security vulnerability in their corporate infrastructure.
>> >
>> > It seems to be pretty difficult to determine which hardware device and
>> > which software has the vulnerability. There seems to be no lists of
>> > hardware devices and software affected by the flaw any where on the
>> > internet.
>> >
>> > Could you refer me to definitive documentation/guides on how to
>> > identify log4j security flaw in hardware devices and software?
>> >
>> > Thank you very much for your kind assistance.
>> >
>> > Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021,
>> > is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant
>> > with a Systems Integrator (SI)/computer firm in Singapore. He is an IT
>> > enthusiast.
>> >
>> >
>> >
>> >
>> >
>> > -----BEGIN EMAIL SIGNATURE-----
>> >
>> > The Gospel for all Targeted Individuals (TIs):
>> >
>> > [The New York Times] Microwave Weapons Are Prime Suspect in Ills of
>> > U.S. Embassy Workers
>> >
>> > Link:
>> > https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html
>> >
>> > ********************************************************************************************
>> >
>> > Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's
>> > Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts
>> > at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan
>> > (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
>> >
>> > [1] https://tdtemcerts.wordpress.com/
>> >
>> > [2] https://tdtemcerts.blogspot.sg/
>> >
>> > [3] https://www.scribd.com/user/270125049/Teo-En-Ming
>> >
>> > -----END EMAIL SIGNATURE-----
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> > For additional commands, e-mail: user-help@struts.apache.org
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>
>
> --
>
> https://www.backbutton.org
> ¯\_(ツ)_/¯
> ♡۶♡ ۶♡۶
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: How do I determine which hardware device and software has log4j zero-day security vulnerability?
Posted by Zahid Rahman <za...@gmail.com>.
A simple two line Java program explaining the bug.
https://youtu.be/0-abhd-CLwQ.
Regards
On Thursday, 16 December 2021, Lukasz Lenart <lu...@apache.org>
wrote:
> Hi,
>
> This rather a wrong place to ask such questions, I would suggest
> asking on the Log4j user list. You can also try to use a commercial
> support like for example here: https://explore.tidelift.com/log4shell
> and ask luis@tidelift.com for more information.
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> czw., 16 gru 2021 o 15:29 Turritopsis Dohrnii Teo En Ming
> <ce...@gmail.com> napisał(a):
> >
> > Subject: How do I determine which hardware device and software has
> > log4j zero-day security vulnerability?
> >
> > Good day from Singapore,
> >
> > I am working for a Systems Integrator (SI) in Singapore. We have
> > several clients writing in, requesting us to identify log4j zero-day
> > security vulnerability in their corporate infrastructure.
> >
> > It seems to be pretty difficult to determine which hardware device and
> > which software has the vulnerability. There seems to be no lists of
> > hardware devices and software affected by the flaw any where on the
> > internet.
> >
> > Could you refer me to definitive documentation/guides on how to
> > identify log4j security flaw in hardware devices and software?
> >
> > Thank you very much for your kind assistance.
> >
> > Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021,
> > is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant
> > with a Systems Integrator (SI)/computer firm in Singapore. He is an IT
> > enthusiast.
> >
> >
> >
> >
> >
> > -----BEGIN EMAIL SIGNATURE-----
> >
> > The Gospel for all Targeted Individuals (TIs):
> >
> > [The New York Times] Microwave Weapons Are Prime Suspect in Ills of
> > U.S. Embassy Workers
> >
> > Link:
> > https://www.nytimes.com/2018/09/01/science/sonic-attack-
> cuba-microwave.html
> >
> > ************************************************************
> ********************************
> >
> > Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's
> > Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts
> > at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan
> > (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
> >
> > [1] https://tdtemcerts.wordpress.com/
> >
> > [2] https://tdtemcerts.blogspot.sg/
> >
> > [3] https://www.scribd.com/user/270125049/Teo-En-Ming
> >
> > -----END EMAIL SIGNATURE-----
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
--
https://www <https://Backbutton.org>.backbutton.org
¯\_(ツ)_/¯
♡۶♡ ۶♡۶
<http://www.backbutton.co.uk>
Re: How do I determine which hardware device and software has log4j zero-day security vulnerability?
Posted by Lukasz Lenart <lu...@apache.org>.
Hi,
This rather a wrong place to ask such questions, I would suggest
asking on the Log4j user list. You can also try to use a commercial
support like for example here: https://explore.tidelift.com/log4shell
and ask luis@tidelift.com for more information.
Regards
--
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/
czw., 16 gru 2021 o 15:29 Turritopsis Dohrnii Teo En Ming
<ce...@gmail.com> napisał(a):
>
> Subject: How do I determine which hardware device and software has
> log4j zero-day security vulnerability?
>
> Good day from Singapore,
>
> I am working for a Systems Integrator (SI) in Singapore. We have
> several clients writing in, requesting us to identify log4j zero-day
> security vulnerability in their corporate infrastructure.
>
> It seems to be pretty difficult to determine which hardware device and
> which software has the vulnerability. There seems to be no lists of
> hardware devices and software affected by the flaw any where on the
> internet.
>
> Could you refer me to definitive documentation/guides on how to
> identify log4j security flaw in hardware devices and software?
>
> Thank you very much for your kind assistance.
>
> Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021,
> is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant
> with a Systems Integrator (SI)/computer firm in Singapore. He is an IT
> enthusiast.
>
>
>
>
>
> -----BEGIN EMAIL SIGNATURE-----
>
> The Gospel for all Targeted Individuals (TIs):
>
> [The New York Times] Microwave Weapons Are Prime Suspect in Ills of
> U.S. Embassy Workers
>
> Link:
> https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html
>
> ********************************************************************************************
>
> Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's
> Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts
> at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan
> (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
>
> [1] https://tdtemcerts.wordpress.com/
>
> [2] https://tdtemcerts.blogspot.sg/
>
> [3] https://www.scribd.com/user/270125049/Teo-En-Ming
>
> -----END EMAIL SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org