[Adminsysters] Debug gitlab
ignifugo
ignifugo at insicuri.net
Fri Jan 21 11:49:52 CET 2022
On 21/01/22 10:41, mara wrote:
> ignifugo mentioned something about a vulnerability exploit when we
> discussed it in our meetings during rc3.
Hi!
thanks mara for the work on that issue. Could be related, for sure
whatever we want to do we need a bit of CPU,
so that need to be resolved.
I mentioned this vulnerability:
https://en.wikipedia.org/wiki/Log4Shell that affect Java just from the
9 of dicember and patched on . this the
https://www.lunasec.io/docs/blog/log4j-zero-day/#exploit-requirements
Because in that suspicious url that you linked, thare was the logo of
apache tomcat, that was one of the app hit by log4Shell.
So I good to know if we have some Java application (not javascript) that
can be affected.
that's all. Maybe not...
hugs
ignifugo
More information about the Adminsysters
mailing list