Comments (8)
You probably meant "Is there any concrete information out there that manager really needs to be removed too?"
from local-log4j-vuln-scanner.
Thanks, edited
That's a very good question by the way, I'm really looking forward to the answer.
I suppose we could add back JndiLookup.class hashes…
What we want to know is if you have any sources that JndiManager.class is vulnerable or not? I have tried to find it myself and didn't find any sign of it. Thanks for what you have done though, really appreciate it.
I think that my original assumption around JndiManager was based on the fact that JndiManager.java had been patched for 2.15 while JndiLookup.java had not.
In my attempts at reproducing the vulnerability (including the 127.0.0.1#. workaround), JAR files with JndiManager.class removed could not be used to reproduce the RCE.
Thanks for your feedback. Some vendors rely on the guidance from Apache regarding removing the Lookup class as a workaround. So it seems both to be sufficient and also the minimum required deletion. Therefore, for our scanning, we've added the Lookup classes too so that they are detected, and then filter on the log side to treat everything that has at least the lookup class missing as not vulnerable.
Hi Hilko, I'd really like to see a filter against JndiLookup rather than JndiManager, as we are remediating by removing the JndiLookup.class but on re-run it's still finding a vulnerable version of JndiManager.class.
I've tried to change the hash info in filter.go before building, to no avail.
Any help would be greatly appreciated.
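The rule the two comments above converge on, treating an archive as not vulnerable once JndiLookup.class is gone even if JndiManager.class is still inside, as an added Go example. This is not the project's own code: filter.go matches class hashes, whereas this example matches member paths of log4j-core 2.x and recurses into jars nested in a WAR; the file name scan.go is an assumption.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"io"
	"os"
	"strings"
)

// Member paths inside log4j-core 2.x that the thread discusses.
const lookupClass = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
const managerClass = "org/apache/logging/log4j/core/net/JndiManager.class"
// Finding records which JNDI classes an archive (or a jar nested in it) carries. By the
// thread's rule, HasLookup == false means "not vulnerable" even when HasManager is true.
type Finding struct{ HasLookup, HasManager bool }
// Inspect scans a zip archive held in memory, recursing into nested .jar/.war/.ear
// members (e.g. WEB-INF/lib); members that are not readable archives count as empty.
func Inspect(data []byte) (Finding, error) {
	var f Finding
	r, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil {
		return f, err
	}
	for _, m := range r.File {
		switch n := m.Name; {
		case n == lookupClass:
			f.HasLookup = true
		case n == managerClass:
			f.HasManager = true
		case strings.HasSuffix(n, ".jar"), strings.HasSuffix(n, ".war"), strings.HasSuffix(n, ".ear"):
			if rc, err := m.Open(); err == nil {
				inner, _ := io.ReadAll(rc)
				rc.Close()
				sub, _ := Inspect(inner) // zero Finding when the member is not a valid zip
				f.HasLookup, f.HasManager = f.HasLookup || sub.HasLookup, f.HasManager || sub.HasManager
			}
		}
	}
	return f, nil
}
// Usage (assumed file name): go run scan.go app.war lib/*.jar
func main() {
	for _, path := range os.Args[1:] {
		data, _ := os.ReadFile(path) // unreadable file -> empty data -> Inspect reports an error
		f, err := Inspect(data)
		fmt.Printf("%s: lookup=%v manager=%v err=%v\n", path, f.HasLookup, f.HasManager, err)
	}
}
```

An archive that reports lookup=false is what the comments above want the scanner to stop flagging, whatever manager says.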