How do you know if the jar sitting on your system is a threat or not? For
example, say it's not being used today but someone installs a product
tomorrow or enables a service that uses it? It would seem that the
existence of the object at all in the "unfixed realm" would be a hit on the
list of vulnerabilities? Right? I am assuming protocol demands removal of
all unpatched copies. Then comes my question: if we "find a few copies",
identifying what might use them seems challenging. Patching various
products is not going to be a near-term option for a lot of us. Any ideas
on a comprehensive approach? Overkill?

Copied text: "Any Log4J version prior to v2.15.0 is affected by this
specific issue.

The version 1 branch of Log4J is vulnerable to other RCE attacks and should
be updated."

Thanks,

Mark Villa

On Tue, Dec 14, 2021 at 7:23 AM Andrew Lopez (SXS US) <
Andrew.Lopez@xxxxxxxxxxxxxxxxxx> wrote:

This was helpful:
https://www.itechsol.com/december-2021-security-alert/

I will note that if you follow those directions, you are scanning for
version 2* of the software. That is not found on my V7R3 system, but
version log4j-1.2.15.jar is. That is an out of date version, per Apache,
and will not be addressed by them.

For those curious, I found it under
/qibm/proddata/OS/WebServices/internal/engines/org.apache.axis2-15/WEB-INF/lib/log4j-1.2.15.jar.




--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
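
The inventory problem raised in this thread, as an added example (not code from either poster or from the linked alert): a Python scan that reports both Log4j 1.x and 2.x copies, including jars nested inside .war/.ear archives, and applies the 2.15.0 threshold from the text quoted above. The function names, result strings and the class files used as markers are choices made for this example.

```python
import io
import os
import re
import sys
import zipfile

ARCHIVES = (".jar", ".war", ".ear")
# Version taken from the file name, e.g. log4j-1.2.15.jar or log4j-core-2.14.1.jar
NAME_RE = re.compile(r"log4j(?:-core)?-(\d+(?:\.\d+)+)[^/]*\.jar$", re.I)
# Marker classes (assumption: good enough for a first pass). The Log4j 2 bridge
# jar log4j-1.2-api also carries the 1.x package, so review 1.x hits by hand.
V1_CLASS = "org/apache/log4j/Logger.class"
V2_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"

def verdict(branch, version):
    """Map a hit onto the two statements quoted in the thread."""
    if branch == 1:
        return "1.x branch (no longer maintained)"
    if version is None:
        return "2.x core, version unknown"
    parts = tuple(int(p) for p in version.split("."))
    parts += (0,) * (3 - len(parts))          # "2.15" compares as (2, 15, 0)
    return "2.x prior to 2.15.0" if parts < (2, 15, 0) else "2.x, 2.15.0 or later"

def inspect(label, fileobj, hits):
    """Check one archive by content, then recurse into archives it contains."""
    try:
        zf = zipfile.ZipFile(fileobj)
    except (zipfile.BadZipFile, OSError):      # unreadable or not a zip: skip
        return
    with zf:
        names = zf.namelist()
        m = NAME_RE.search(label)
        version = m.group(1) if m else None
        if V2_CLASS in names:                  # also catches renamed or shaded jars
            hits.append((label, verdict(2, version)))
        elif V1_CLASS in names:
            hits.append((label, verdict(1, version)))
        for n in names:
            if n.lower().endswith(ARCHIVES):
                inspect(label + "!/" + n, io.BytesIO(zf.read(n)), hits)

def scan(root):
    """Walk root and return (path, verdict) for every Log4j copy found."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            if f.lower().endswith(ARCHIVES):
                path = os.path.join(dirpath, f)
                inspect(path, path, hits)
    return hits

if __name__ == "__main__":
    for path, what in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{what}\t{path}")
```

The report is an inventory only; deciding which product or service loads each copy still has to be worked out from where the jar sits.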


This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
