Thanks David and thanks S.Frostie

Now, what do I do with the 41 objects found?

Samples:
/QIBM/WAS/IMFIXPACKS/IM/19100620210614_1906/FIXPACK/plugins/org.apache.ant_1.9.6.v201510161327/lib/ant-apache-log4j.jar

/QIBM/ProdData/WebSphere/AppServer/V85/Express/deploytool/itp/plugins/org.apache.axis_1.4.0.v201005080400/lib/log4j.properties

/QIBM/UserData/OS/ADMININST/admin2/wlp/usr/servers/admin2/workarea/org.eclipse.osgi/234/0/.cp/WEB-INF/lib/log4j-1.2.14.jar


Gad



date: Tue, 14 Dec 2021 11:59:02 -0600
from: David Gibbs via MIDRANGE-L <midrange-l@xxxxxxxxxxxxxxxxxx>
subject: Re: Remote code execution exploit found in Log4j .....

On 12/14/21 7:01 AM, Mayer, Michael via MIDRANGE-L wrote:
Good day everyone. This was on Linkedin last night from Scott Forstie
....

https://gist.github.com/forstie/9662d4c302f5224c66b7a4c409141a2c

One thing to keep in mind ... some vendors repackage jar's so their
product is included in a single jar, with all the required classes
included (either as classes or jar's with a special class loader).

This is going to make it very difficult to detect if the vulnerable
classes are used.

david

--
I'm riding in the American Diabetes Association's Tour de Cure to raise
money for diabetes research, education, advocacy, and awareness. You
can make a tax-deductible donation to my ride by visiting
https://mideml.diabetessucks.net.

You can see where my donations come from by visiting my interactive
donation map ... https://mideml.diabetessucks.net/map (it's a geeky
thing).



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) digest list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.