Even if the client used log4j, what could that exploit do?
It's a problem for java-backed app/web servers, where user input may result in some shady calls from the server.
With haven client what could you do with it - if you type specific phrase you will make the client, ran locally on your pc, make some calls?
java there's a major security exploit
15 posts
• Page 2 of 2 • 1, 2
Re: java there's a major security exploit
by Procne » Fri Jan 14, 2022 2:15 pm
- Procne
- Posts: 968
- Joined: Sat May 29, 2010 3:04 pm
Re: java there's a major security exploit
by telum12 » Fri Jan 14, 2022 2:37 pm
Procne wrote:Even if the client used log4j, what could that exploit do?
It's a problem for java-backed app/web servers, where user input may result in some shady calls from the server.
With haven client what could you do with it - if you type specific phrase you will make the client, ran locally on your pc, make some calls?
It’s arbitrary code exec. It would only be bad if something from chat or some such was logged
MagicManICT wrote:To me, being called a pedo is exactly like being called gay.
Jalpha wrote:She must have been in heat bro. She was literally fanging for it. Literally posting repeatedly in chat, in all caps "DO IT! POST YOUR DICK! THERE'S NO WAY IT'S 7 INCHES!"
How could any hot-blooded male deny such a request under the circumstances.
-
telum12 - Posts: 426
- Joined: Mon Mar 12, 2012 10:36 pm
Re: java there's a major security exploit
by Procne » Fri Jan 14, 2022 3:24 pm
ah, true, chat from other players
- Procne
- Posts: 968
- Joined: Sat May 29, 2010 3:04 pm
Re: java there's a major security exploit
by vatas » Fri Jan 14, 2022 3:47 pm
The most actively maintained Haven and Hearth Wiki (Not guaranteed to be up-to-date with all w14 changes.)
Basic Claim Safety (And what you’re doing wrong) (I recommend you read it in it's entirety, but TL:;DR: Build a Palisade.)
Combat Guide (Overview, PVE, PVP) (Tells you how to try and escape, and make it less likely to die when caught.)
Basic Claim Safety (And what you’re doing wrong) (I recommend you read it in it's entirety, but TL:;DR: Build a Palisade.)
Combat Guide (Overview, PVE, PVP) (Tells you how to try and escape, and make it less likely to die when caught.)
-
vatas - Posts: 4511
- Joined: Fri Apr 05, 2013 8:34 am
- Location: Suomi Finland Perkele
Re: java there's a major security exploit
by MagicManICT » Fri Jan 14, 2022 11:31 pm
jorb wrote:We do not use log4j, and are not at risk from this exploit.
Thanks. Moving this thread to The Inn since it has no direct impact on Haven.
Opinions expressed in this statement are the authors alone and in no way reflect on the game development values of the actual developers.
-
MagicManICT - Posts: 18437
- Joined: Tue Aug 17, 2010 1:47 am
15 posts
• Page 2 of 2 • 1, 2
Who is online
Users browsing this forum: No registered users and 5 guests
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group