Running a script to detect log4j vulnerabilities

Comments

Hi-

I am trying to run a script to detect log4j vulnerabilities I got from Red Hat. The file is 'cve-2021-44228--2022-01-10-1242.sh'. Not really knowing where log4j gets installed I want to run it from the root /. It has an option called SCANPATH and wants this to be an absolute path. I use this command:
bash cve-2021-44228--2022-01-10-1242.sh --scan / --tmp /home/alan/Downloads . It obviously doesn't like this path '/' as it is calling it a canonical name. What am I missing?
Or are there specific directories I should be searching utilizing this script? Every time I run the script it puts a report directory in the tmp directory I specify and I need to empty it each time I run the script on a different directory.

?
..ar

Started 2022-09-15T15:54:43+00:00 by

Alan Raczek

Active Contributor 165 points

Select Your Language

Running a script to detect log4j vulnerabilities

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links