Join Log in
Score:0
avatar Server

How to detect log4J on windows server 2016 Datacenter machine

th flag
Mads Sander Høgstrup

So I recently got a mail about updating to the latest security update to the Apache software installed on my server (vulnerability (CVE-2021-44228 & CVE-2021-45046) related to Apache Log4j), but how can I detect where this log4j is used?

When I run cmd: java --version I get:

enter image description here

Then I found a github log4j script checker: ./wget.exe https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/lo g4j_checker_beta.sh -q -O - |bash , but it didn't tell me that much

enter image description here

Is there another command I could run, to check where this log4j need to be updated on my server?

I do run XAMPP on this machine, but are log4j used here?

486
0 + 0
in flag
Gerald Schneider
Does this answer your question? [How to scan for log4j on Windows Server](https://serverfault.com/questions/1087504/how-to-scan-for-log4j-on-windows-server)
0
Reply
Daniel K avatar
cn flag
Daniel K
Maybe you don't have the vulnerability on this server? You could try a simple file search for any file name containing 'log4j' or *.jar. But this will not be definitive.
0
Reply
th flag
Mads Sander Høgstrup
I tried Geralds link, and found this file: `Files/Amazon_Corretto/jdk11.0.11_9/lib/jrt-fs.jar ` How can i see if this uses log4j?
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.