SoftEther VPN User Forum

SoftEther VPN User Forum
https://forum.vpngate.net/

LOG4J cve-2021-44228 - DOES IT AFFECT SOFTETHER?

https://forum.vpngate.net/viewtopic.php?f=7&t=67290

Page 1 of 1

LOG4J cve-2021-44228 - DOES IT AFFECT SOFTETHER?

Posted: Sat Dec 11, 2021 1:20 pm
by skypurplecloud
Hi ALL,

does this new vulnerability affect SoftEther?

cve-2021-44228 -log4jshell

Thanks.

Re: LOG4J cve-2021-44228 - DOES IT AFFECT SOFTETHER?

Posted: Mon Dec 13, 2021 7:16 pm
by Retinaquester2
Same question here, since our SE-VPN sever is obvisously exposed, maybe we can have a comment/sticky about this.
I also noticed a increase in portscans so I am worried.

Re: LOG4J cve-2021-44228 - DOES IT AFFECT SOFTETHER?

Posted: Wed Dec 15, 2021 4:29 pm
by BobVVue
Also concerned and will patch if something comes out.

In the mean time, don't know if it helps, but used SE Server Manager, I turned off all LOGGING options Under the Manage Virtual Hub -> Log Save Settings. Never have to look at them anyway, so turned off all logging. Don't know if this helps mitigate the Log4j or not. Anyone?

Re: LOG4J cve-2021-44228 - DOES IT AFFECT SOFTETHER?

Posted: Wed Dec 15, 2021 5:17 pm
by drkrool
I don't know if it helps, but it isnt coded in Java avcording to this (graph says in C)
https://www.softether.org/9-about/News/800-open-source

Else you might want to run a scanner in the uncompiled open source code or something to make sure
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/