I just finished running this SQL Script... took quite a few hours (we have a lot of files on the IFS).
It found 134 instances of "log4j" on our system. Most of these are in /QIBM.. some are /QIBM/UserData/OS/ADMININST/admin2.
Some are .JAR files while others are .properties or .txt or .xml
I'm just not sure what any of that means if we've taken down the only externally facing access (web query)
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Mayer, Michael via MIDRANGE-L
Sent: Tuesday, December 14, 2021 8:02 AM
Cc: Mayer, Michael <MMayer@xxxxxxxxxxxxxx>
Subject: Remote code execution exploit found in Log4j .....
Good day everyone. This was on Linkedin last night from Scott Forstie ....
IBM i on Power System Admin.
The Florida Bar
651 E. Jefferson St
Tallahassee, Florida 32399-2300
1. Re: Remote code execution exploit found in Log4j -
CVE-2021-44228 (Jim Oberholtzer)
date: Mon, 13 Dec 2021 15:20:23 -0600
from: Jim Oberholtzer <midrangel@xxxxxxxxxxxxxxxxx>
subject: Re: Remote code execution exploit found in Log4j -
IBM has to look in the several thousand places where that code could be found. That's just IBMi and LPPs and utilities, not to mention the other
software/hardware products. That's not going to happen in several
hours. Then when/if they find it they have to decide what to do about it.
Has Apache even posted a fix for it yet? I understand your frustration, however as a developer you know that sometimes you are faced with an issue that you need to think about before you come to a suitable solution.
Chief Technical Architect
Agile Technology Architects
Please note: Florida has very broad public records laws. Many written communications to or from The Florida Bar regarding Bar business may be considered public records, which must be made available to anyone upon request. Your e-mail communications may therefore be subject to public disclosure.
As an Amazon Associate we earn from qualifying purchases.