资产安全
商业安全
安全服务
返回- 发布日期2020-09-15
- 感知时间2020-09-15
- 漏洞类型安全更新
- 风险等级未知
- 更新版本未知
- 情报贡献TSRC
USN-4495-1: Apache Log4j vulnerability
Apache Log4j vulnerability<br/>A security issue affects these releases of Ubuntu and its derivatives:<br/>Ubuntu 18.04 LTS<br/>Summary<br/>Apache Log4j could be made to remotely execute arbitrary code if it received specially crafted log data.<br/>Software Description<br/>apache-log4j1.2 - Java-based open-source logging tool<br/>Details<br/>It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code. (CVE-2019-17571)<br/>Update instructions<br/>The problem can be corrected by updating your system to the following package versions:<br/>Ubuntu 18.04 LTS<br/>liblog4j1.2-java - 1.2.17-8+deb10u1build0.18.04.1<br/>To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.<br/>In general, a standard system update will make all the necessary changes.<br/>References<br/>CVE-2019-17571<br/>]]>
Ubuntu是一个以桌面应用为主的Linux操作系统
<p><a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571">CVE-2019-17571</a></p>
暂无
暂无
https://usn.ubuntu.com/4495-1/
微信扫码关注公众号
