News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon

We're community supported and proud of it!

  • Tip for the weekend – scanning for Log4j vulnerabilities

    Home » Forums » AskWoody blog » Tip for the weekend – scanning for Log4j vulnerabilities

    Author
    Topic
    #2411259

    Video here I wrote about this the other day in the newsletter to check your computer for the Log4j2 vulnerability. So far the good news is that I’ve n
    [See the full post at: Tip for the weekend – scanning for Log4j vulnerabilities]

    Susan Bradley Patch Lady

    3 users thanked author for this post.
    Viewing 6 reply threads
    Author
    Replies
    • #2411262

      And…not forgetting the log4jscanner for Linux and MacOS which is available over on: https://github.com/Qualys/log4jscanlinux

      Select green [Code] button then download .zip file

      see linked webpage for instructions

      Supported platforms: Linux(RHEL, CentOS, Ubuntu, Debian, Amazon Linux, and OEL), MacOS, AIX, and Solaris
      Supported architectures: x64, ARM(Linux)

      one redmond way, it's THAT obvious!
      2 users thanked author for this post.
    • #2411506

      Interesting. So what does Partially Successful mean?

      logj4scan

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs

      • #2411547

        Good question just rerunning in a command prompt as just executing the exe does not leave the window open . 18 seconds sounds WAY too fast.

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
      • #2411686

        I had that on a machine, it just meant that there was a file it couldn’t read, not necessarily that it found anything.

        Susan Bradley Patch Lady

    • #2411523

      LanSweeper has added a couple of reports to point out problematic software.

      Only vulnerability I found on my network was APC PowerChute Business edition.

    • #2411541

      any comments on the Log4jRemediate program?
      I found a bunch of Android SDK, studio stuff had vuls but nothing that normally runs on my home computer. (or that I have even looked at in years)

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      • #2411687

        I didn’t want to fix/remediate, I wanted my vendor to do it.

        Susan Bradley Patch Lady

    • #2411679

      Thanks for this version, which is much easier to use than the earlier ones you’ve mentioned. For vendor software, we can add IBM SPSS 26 for Windows to the list with vulnerabilities (three instances). There’s no obvious web exposure for this software on my machines, so I’ll wait for the next version unless a patch somehow appears before.

    • #2411739

      It is probably best to redirect to a text file which will make it easier to read once it is finished. Putting the scanner on a network share with a BAT file to call it will make it even easier to run on multiple machines. Just right click the BAT and Run as administrator.

      Code:
      \\SERVER\SHARE$\Log4jScanner\x64\Log4jScanner.exe > c:\%COMPUTERNAME%_log4jscanner_results.txt
    • #2411972

      Seems there is something buggy with the program. First, it spontaneously closes the command window without even giving the summary report that it’s suppose to.  Mine found a few vulnerabilities in a Steam folder but then crashed without creating any summary. I tried it again by piping to a text file, but the text file remained at zero bytes, not even showing the items it did find.

      If it crashes because of some file it couldn’t read, how am I to trust that it scanned all my harddrives? I have two internal 4TB backup drives that could not possibly be scanned in the short amount of time before log4jscanner crashed.

      Win10 Pro x64 21H2, Win10 Home 21H2, Linux Mint + a cat with 'tortitude'.

      • #2412007

        Got it to work by making sure I unzipped the whole Log4jScannerRemediate-2.0.2.7.zip file into a directory. I had previously only extracted the log4jscanner.exe file.

        Seems it needs to have the Log4jRemediate.exe file available in the same directory to properly create a summary and not close the command window.

        Win10 Pro x64 21H2, Win10 Home 21H2, Linux Mint + a cat with 'tortitude'.

    Viewing 6 reply threads
    Reply To: Tip for the weekend – scanning for Log4j vulnerabilities

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.