How to check if your Linux server is vulnerable to Log4j

0
6

Log4j is aknown as “Log4Shell.” Log4j is very broadly used in a variety of consumer and enterprise services, websites, and applications—as well as in operational technology products—to log security and performance information. An unauthenticated remote actor could exploit this vulnerability to take control of an affected system

from https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance

The log4j is a serious vulnerability for you business, because is a zero-day flaw which allow attacker to execute any code on your system if this one depends on Log4j to write logs

The vulnerability CVSS score is 10 :

What are CVSS Scores | Balbix

The main issue is how to know is your system is using this library or not ? because a lot of application and software relies on this library !

To answer this question a github user created script which help to check for packages that include Log4j this script is in beta version and it.s not 100% accurate: https://github.com/rubo77/log4j_checker_beta

Which software is vulnerable ?

Any software using Apache Log4j (as a component) version between 2.0 and 2.14.1, inclusive.

How to use the script?

  1. Download the script:
wget https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/log4j_checker_beta.sh -q
chmod a+x og4j_checker_beta.sh
  1. Run script
./log4j_checker_beta.sh

This script is not a 100% guarantee, but you can use it like a good place to start your scan and analysis

Click to rate this post!
[Total: 3 Average: 5]

LEAVE A REPLY

Please enter your comment!
Please enter your name here