I can recommend
https://github.com/mergebase/log4j-detectorWe scanned jdbc
PS C:\SVN> java -jar .\log4j-detector-2021.12.12.jar .\jdbc-4.50.4.1.jar
-- Analyzing paths (could take a long time).
-- Note: specify the '--verbose' flag to have every file examined printed to STDERR.
-- No Log4J 2.x samples found in supplied paths: [.\jdbc-4.50.4.1.jar]
-- Congratulations, the supplied paths are not vulnerable to CVE-2021-44228 ! :-)
PS C:\SVN> java -jar .\log4j-detector-2021.12.12.jar .\DriverInformix.jar
-- Analyzing paths (could take a long time).
-- Note: specify the '--verbose' flag to have every file examined printed to STDERR.
-- No Log4J 2.x samples found in supplied paths: [.\DriverInformix.jar]
-- Congratulations, the supplied paths are not vulnerable to CVE-2021-44228 ! :-)
------------------------------
Marc Demhartner
------------------------------
Original Message:
Sent: Tue December 14, 2021 12:34 PM
From: Paul Watson
Subject: Questions about the CVE-2021-44228 vulnerability
Shouldn't we be more worried about the JDBC driver rather than HQ ?
Cheers
Paul
Original Message:
Sent: 12/14/2021 11:40:00 AM
From: Paul Watson
Subject: RE: Questions about the CVE-2021-44228 vulnerability
Depends on your internal security rules, I know of two companies that have turned off HQ on systems that are not exposed to the internet.
I suspect if a company is breached by ANOther method and then use this vulnerability to gain further access then heads would roll
Cheers
Paul
Original Message:
Sent: 12/14/2021 9:31:00 AM
From: Snorri Bergmann
Subject: RE: Questions about the CVE-2021-44228 vulnerability
Hi.
I guess it should be OK to run HQ if the server is behind a firewall and thus exposed to the Internet?
Regards,
-Snorri
------------------------------
Snorri Bergmann
Original Message:
Sent: Mon December 13, 2021 06:59 PM
From: Scott Pickett
Subject: Questions about the CVE-2021-44228 vulnerability
There will be a statement forthcoming in the next days as to what we will be doing here. The lab has spent the last 3.5 days on this identifying possible vulnerabilities and a fix will be forthcoming. Stay tuned.
Scott Pickett
IBM Informix WW Technical Sales IBM Expert Labs
IBM Informix WW Cloud Technical Sales IBM Expert Labs
IBM Informix WW Cloud Technical Sales ICIAE IBM Expert Labs
IBM Informix WW Informix Warehouse Accelerator Sales IBM Expert Labs
Boston, Massachusetts USA
spickett@us.ibm.com617-899-7549
33 Years Informix User
The current Informix Roadshow presentations are here:
Original Message:
Sent: 12/13/2021 6:45:00 PM
From: Doug Lawry
Subject: RE: Questions about the CVE-2021-44228 vulnerability
I did the equivalent of what Markus suggested over the weekend on 14.10.FC6 and proved its HQ does contain the vulnerable log4j version 2. All IDS versions before that used logback in HQ which is unaffected.
------------------------------
Doug Lawry
Oninit Consulting
Original Message:
Sent: Mon December 13, 2021 07:20 AM
From: Paul Watson
Subject: Questions about the CVE-2021-44228 vulnerability
The recommendation I got from IBM via a PMR was not to use HQ until the dev team have investigated further
Cheers
Paul
Paul Watson
Oninit LLC
+1-913-387-7529
www.oninit.com
Oninit®️ is a registered trademark of Oninit LLC
Original Message:
Sent: 12/13/2021 4:38:00 AM
From: Markus Holzbauer
Subject: RE: Questions about the CVE-2021-44228 vulnerability
I would say, I would not use informixhq with the latest Informix Server versions..
Cheers,
Markus
------------------------------
Markus Holzbauer
Original Message:
Sent: Mon December 13, 2021 12:39 AM
From: SangGyu Jeong
Subject: Questions about the CVE-2021-44228 vulnerability
Hello All,
I have a question about a vulnerability related to Log4j.
The document below is an update on the vulnerabilities of Log4j-related classes.
https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
The files informixhq-agent.jar and informixhq-server.jar contain the Log4j class.
How can I check if this class is the version where the vulnerability exists?
Thanks,
SangGyu Jeong
------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------
#Informix