Wurst.Wiki

The Official Wurst Client Wiki

User Tools

Site Tools

Trace:
log4shell

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
log4shell [2021/12/11 17:21] – created alexander01998log4shell [2023/01/21 23:18] (current) – [How to test if you are affected] fix typo alexander01998
Line 1: Line 1:
 ====== Log4Shell Vulnerability ====== ====== Log4Shell Vulnerability ======
  
-Log4Shell ([[https://www.randori.com/blog/cve-2021-44228/|CVE-2021-44228]]) is a remote-code-execution (RCE) vulnerability, meaning it can force your computer to run any arbitrary Java code.+Log4Shell ([[https://www.randori.com/blog/cve-2021-44228/|CVE-2021-44228]] and [[https://www.whitesourcesoftware.com/resources/blog/log4j-vulnerability-cve-2021-45046/|CVE-2021-45046]]) is a remote-code-execution (RCE) vulnerability, meaning it can force your computer to run any arbitrary Java code.
  
 Anyone can exploit this vulnerability by simply typing a special message into the Minecraft chat. Anyone can exploit this vulnerability by simply typing a special message into the Minecraft chat.
  
-If you are playing on a Minecraft server and your Minecraft installation is vulnerable (even if the server is patched), then another player could, for example, install a virus on your computer by simply sending you a chat message.+Log4Shell is caused by certain versions of the Log4j library, which are included in all Minecraft versions from 1.7 (released in 2014) to 1.18 (released in 2021). Both Minecraft clients and Minecraft servers can be vulnerable to this exploit.
  
-Log4Shell is caused by certain versions of the Log4j library, which are included in Minecraft 1.7 - 1.18. Both Minecraft clients and Minecraft servers can be vulnerable to this exploit.+===== Why care? =====
  
-===== Affected Wurst versions =====+If you are playing on a Minecraft server and your Minecraft installation is vulnerable (even if the server is patched), then another player could, for example, install a virus on your computer by simply sending you a chat message.((They could also [[https://twitter.com/gegy1000/status/1469714451716882434|install DOOM]] instead, but most attackers would probably choose malware.))
  
-^Wurst MC Version^Status^Patched by^How to fix^+===== Affected versions ===== 
 + 
 +==== Wurst Client ==== 
 + 
 +^MC Version^Status^Patched by^How to fix^ 
 +|Wurst MC 1.19+|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
 |Wurst MC 1.18.1|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)| |Wurst MC 1.18.1|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
-|Wurst MC 1.18|**<color #22b14c>Patched</color>**|Fabric Loader v0.12.10|Reinstall Fabric.| +|Wurst MC 1.18|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10, [[update:Wurst 7.19]]|Update Wurst or reinstall Fabric.| 
-|Wurst MC 1.17.x|**<color #22b14c>Patched</color>**|Fabric Loader v0.12.10|Reinstall Fabric.| +|Wurst MC 1.17.1|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10, [[update:Wurst 7.19]]|Update Wurst or reinstall Fabric.| 
-|Wurst MC 1.16.x|**<color #22b14c>Patched</color>**|Fabric Loader v0.12.10|Reinstall Fabric.| +|Wurst MC 1.17|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.| 
-|Wurst MC 1.15.x|**<color #22b14c>Patched</color>**|Fabric Loader v0.12.10|Reinstall Fabric.| +|Wurst MC 1.16.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.| 
-|Wurst MC 1.14.x|**<color #22b14c>Patched</color>**|Fabric Loader v0.12.10|Reinstall Fabric.| +|Wurst MC 1.15.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.| 
-|Wurst MC 1.12.x|**<color #22b14c>Patched</color>**|Wurst v6.35.2|Update Wurst.|+|Wurst MC 1.14.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.| 
 +|Wurst MC 1.12.x|**<color #22b14c>Patched</color>**|[[update:Wurst 6.35.2]]|Update Wurst.| 
 +|ForgeWurst MC 1.12.2|**<color #22b14c>Patched</color>**|Forge 1.12.2-14.23.5.2856|Reinstall Forge.|
 |Wurst MC 1.11.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.| |Wurst MC 1.11.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.|
 +|ForgeWurst MC 1.11.2|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.|
 |Wurst MC 1.10.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.| |Wurst MC 1.10.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.|
 |Wurst MC 1.9.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.| |Wurst MC 1.9.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.|
-|Wurst MC 1.8.x|**<color #22b14c>Patched</color>**|Wurst v6.35.2|Update Wurst.|+|Wurst MC 1.8.x|**<color #22b14c>Patched</color>**|[[update:Wurst 6.35.2]]|Update Wurst.|
 |Wurst MC 1.7.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.| |Wurst MC 1.7.x|<wrap em>Vulnerable</wrap>| |Do not use in multiplayer.|
  
 +**Note:** [[update:Wurst 7.19]] and later versions won't even launch when used with a Fabric Loader version older than v0.12.12. This ensures that they cannot accidentally be installed in such a way that they would be vulnerable.
 +
 +==== Wolfram Client ====
 +
 +^MC Version^Status^Patched by^How to fix^
 +|Wolfram MC 1.12.x|**<color #22b14c>Patched</color>**|[[https://www.wolframclient.net/updates/wolfram-9-8-1/|Wolfram 9.8.1]]|Update Wolfram.|
 +|Wolfram MC 1.11.x|**<color #22b14c>Patched</color>**|[[https://www.wolframclient.net/updates/wolfram-9-8-1/|Wolfram 9.8.1]]|Update Wolfram.|
 +|Wolfram MC 1.10.x|**<color #22b14c>Patched</color>**|[[https://www.wolframclient.net/updates/wolfram-9-8-1/|Wolfram 9.8.1]]|Update Wolfram.|
 +|Wolfram MC 1.9.4|**<color #22b14c>Patched</color>**|[[https://www.wolframclient.net/updates/wolfram-9-8-1/|Wolfram 9.8.1]]|Update Wolfram.|
 +|Wolfram MC 1.8.x|**<color #22b14c>Patched</color>**|[[https://www.wolframclient.net/updates/wolfram-9-8-1/|Wolfram 9.8.1]]|Update Wolfram.|
 +
 +==== Mo Glass ====
 +
 +^MC Version^Status^Patched by^How to fix^
 +|Mo Glass MC 1.19+|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
 +|Mo Glass MC 1.18.1|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
 +|Mo Glass MC 1.18|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10, [[https://www.curseforge.com/minecraft/mc-mods/mo-glass/files/3568214|Mo Glass 1.6]]|Update Mo Glass or reinstall Fabric.|
 +|Mo Glass MC 1.17.1|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10, [[https://www.curseforge.com/minecraft/mc-mods/mo-glass/files/3568219|Mo Glass 1.6]]|Update Mo Glass or reinstall Fabric.|
 +|Mo Glass MC 1.17|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|Mo Glass MC 1.16.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|Mo Glass MC 1.15.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|Mo Glass MC 1.14.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +
 +**Note:** Mo Glass 1.6 and later versions won't even launch when used with a Fabric Loader version older than v0.12.10. This ensures that they cannot accidentally be installed in such a way that they would be vulnerable.
 +
 +==== WI Zoom ====
 +
 +^MC Version^Status^Patched by^How to fix^
 +|WI Zoom MC 1.19+|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
 +|WI Zoom MC 1.18.1|**<color #22b14c>Not affected</color>**| |Relax, you're good. =)|
 +|WI Zoom MC 1.18|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|WI Zoom MC 1.17.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|WI Zoom MC 1.16.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|WI Zoom MC 1.15.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|WI Zoom MC 1.14.x|**<color #22b14c>Patched</color>**|Fabric Loader 0.12.10|Reinstall Fabric.|
 +|WI Zoom MC 1.12.2|**<color #22b14c>Patched</color>**|Forge 1.12.2-14.23.5.2856|Reinstall Forge.|
 +
 +===== How to check your Wurst version =====
 +
 +{{:wurstlogo.webp|Wurst v7.19 MC1.18.1}}
 +
 +Your Wurst version is displayed in the top left corner of the screen.
 +
 +===== How to check your Fabric Loader version =====
 +
 +**Note:** Fabric Loader 0.12.12 further improves the Log4Shell patch to cover cases published by CVE-2021-45046. This doesn't affect Minecraft by default, but it is theoretically possible that a mod would enable this issue.
 +
 +==== Official Launcher ====
 +
 +Click on the "Installations" tab and check what it says under your Fabric installation(s):
 +
 +{{:log4shell-loader-version-official-launcher.webp|Checking the Fabric Loader version in the official Minecraft launcher}}
 +
 +==== MultiMC ====
 +
 +**Note:** MultiMC has released their own patch for the Log4Shell exploit.((https://multimc.org/posts/log4j-remote-execution.html)) If you are using MultiMC, you might be fine even with a vulnerable version, but you should [[#how_to_test_if_you_are_affected|do a test in singleplayer]] to be sure.
 +
 +Click on "Edit Instance" and check what it says next to "Fabric Loader":
 +
 +{{:log4shell-loader-version-multimc.webp|Checking the Fabric Loader version in MultiMC}}
  
 ===== How to test if you are affected ===== ===== How to test if you are affected =====
Line 35: Line 103:
 Then check your log file (default: ''%appdata%/.minecraft/logs/latest.log''). Then check your log file (default: ''%appdata%/.minecraft/logs/latest.log'').
  
-If your Minecraft installation is **vulnerable**, you will see a long error like this in the logs:+If your Minecraft installation is **vulnerable**, you will see a long error like this in the logs:
 <file> <file>
 [17:32:25] [Client thread/INFO]: [CHAT] <Player671> ${jndi:ldap://127.0.0.1/a} [17:32:25] [Client thread/INFO]: [CHAT] <Player671> ${jndi:ldap://127.0.0.1/a}
Line 120: Line 188:
 {{tag>security}} {{tag>security}}
 ---- struct data ---- ---- struct data ----
 +hack.name            : 
 +hack.image           : 
 +hack.category        : 
 +hack.in-game description : 
 +hack.default keybind : 
 +hack.source code     : 
 ---- ----
  
log4shell.1639243304.txt.gz · Last modified: 2021/12/11 17:21 by alexander01998