New zero-day exploit for Log4j Java library is an enterprise nightmare

[Active8]

If you want to scan your server for vulnerability, you can use this script:

wget https://github.com/dtact/divd-2021-00038--log4j-scanner/releases/download/1.0-alpha/divd-2021-00038--log4j-scanner_v1.0-alpha_linux-amd64.tar.gz
tar -xvzf divd-2021-00038--log4j-scanner_v1.0-alpha_linux-amd64.tar.gz
chmod +x divd-2021-00038--log4j-scanner
./divd-2021-00038--log4j-scanner /*

You can ignore any permission warnings , at the end you must see "0 vulnerable files found, 0 vulnerable libraries found"

 

[Richard G]

alpha_linux-amd64

Edit: Just tested on a couple of servers, intel and amd, works fine, also looks into archives.

Our systems found 1 vulnerable file and after checking it's in Softaculous, the ilias application. The vulnerable file is in the ilias.zip file (version 7.5 if I remember correctly).
So for people running Softaculous, it's best to remove ilias completely from the list, until it's fixed.