Even if the client used log4j, what could that exploit do?
It's a problem for java-backed app/web servers, where user input may result in some shady calls from the server.
With haven client what could you do with it - if you type specific phrase you will make the client, ran locally on your pc, make some calls?
java there's a major security exploit
15 posts
• Page 2 of 2 • 1, 2
Re: java there's a major security exploit
by Procne » Fri Jan 14, 2022 2:15 pm
- Procne
- Posts: 984
- Joined: Sat May 29, 2010 3:04 pm
Re: java there's a major security exploit
by telum12 » Fri Jan 14, 2022 2:37 pm
Procne wrote:Even if the client used log4j, what could that exploit do?
It's a problem for java-backed app/web servers, where user input may result in some shady calls from the server.
With haven client what could you do with it - if you type specific phrase you will make the client, ran locally on your pc, make some calls?
It’s arbitrary code exec. It would only be bad if something from chat or some such was logged
MagicManICT wrote:To me, being called a pedo is exactly like being called gay.
Jalpha wrote:She must have been in heat bro. She was literally fanging for it. Literally posting repeatedly in chat, in all caps "DO IT! POST YOUR DICK! THERE'S NO WAY IT'S 7 INCHES!"
How could any hot-blooded male deny such a request under the circumstances.
-
telum12 - Posts: 430
- Joined: Mon Mar 12, 2012 10:36 pm
Re: java there's a major security exploit
by Procne » Fri Jan 14, 2022 3:24 pm
ah, true, chat from other players
- Procne
- Posts: 984
- Joined: Sat May 29, 2010 3:04 pm
Re: java there's a major security exploit
by vatas » Fri Jan 14, 2022 3:47 pm
Haven and Hearth Wiki (Maintained by volunteers - test/verify when practical. Forum thread
Basic Claim Safety (And what you’re doing wrong
TL:;DR: Build a Palisade with only Visitor gates.)
Combat Guide (Overview, PVE, PVP) (Includes how to escape/minimize risk of getting killed.)
Basic Claim Safety (And what you’re doing wrong
TL:;DR: Build a Palisade with only Visitor gates.)
Combat Guide (Overview, PVE, PVP) (Includes how to escape/minimize risk of getting killed.)
-
vatas - Posts: 4872
- Joined: Fri Apr 05, 2013 8:34 am
- Location: Suomi Finland Perkele
Re: java there's a major security exploit
by MagicManICT » Fri Jan 14, 2022 11:31 pm
jorb wrote:We do not use log4j, and are not at risk from this exploit.
Thanks. Moving this thread to The Inn since it has no direct impact on Haven.
Opinions expressed in this statement are the authors alone and in no way reflect on the game development values of the actual developers.
-
MagicManICT - Posts: 18436
- Joined: Tue Aug 17, 2010 1:47 am
15 posts
• Page 2 of 2 • 1, 2
Who is online
Users browsing this forum: No registered users and 18 guests
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group