Comments (7)
I get:
c:\Miracle_online>log4j2-scan.exe D:\Oracle\product\12.2.0\dbhome_1\md
scan error: zip END header not found
scan error: zip END header not found
scan error: zip END header not found
Scanned 18 directories and 616 files
Found 0 vulnerable files
Completed in 3.73 seconds
And I know 4 sure the some files are hit here:
Directory of D:\Oracle\product\12.2.0\dbhome_1\md\jlib
14-12-2021 15:58
.14-12-2021 15:58 ..
05-12-2016 17:33 5.247.419 elocation.ear
05-12-2016 17:33 5.359.007 elocation.ear.zip
05-12-2016 17:33 2.832.239 geocoder.ear
05-12-2016 17:33 2.841.182 geocoder.ear.zip
05-12-2016 17:33 246.988 georasterapi.jar
07-12-2018 04:50 11 log4j-1.2.17.jar
28-07-2020 21:02 292.301 log4j-api-2.13.2.jar.xxx
06-03-2018 22:09 239.856 log4j-api-2.9.1.jar.xxx
28-07-2020 21:02 1.714.151 log4j-core-2.13.2.jar.xxx
06-03-2018 22:09 1.549.868 log4j-core-2.9.1.jar.xxx
28-07-2020 21:02 23.591 log4j-slf4j-impl-2.13.2.jar.xxx
06-03-2018 22:09 23.153 log4j-slf4j-impl-2.9.1.jar.xxx
from cve-2021-44228-scanner.
I tried with new package and gets below details:
c:\temp>log4j2-scan.exe c:\ManageEngine
Logpresso CVE-2021-44228 Vulnerability Scanner 1.3.0 (2021-12-15)
Skipping broken jar file c:\ManageEngine\SupportCenter\applications\extracted.ol
d\AdventNetSupportCenter.eear\AdventNetServiceDeskWC.ear\AdventNetServiceDesk.wa
r\WEB-INF\lib\jfreechart.jar ('zip END header not found')
super useful information, thanks folks for doing this.
from cve-2021-44228-scanner.
@AlexMilotin If application uses common class loader, you don't need to inspect zip files. Ordinary programmers do not write thier own classloader for thier use. Valid ZIP file should starts with PK
(0x50 0x4b) bytes like this:
However, JDK does not fully support newer ZIP standards (As I referenced in release note: Avoid ZipInputStream for flat ZIP files: https://bugs.openjdk.java.net/browse/JDK-8143613) JDK cannot open some ZIP files which can be opened by other zip utility programs.
Anyway, In most cases, you don't need to inspect zip files.
from cve-2021-44228-scanner.
I have the same issue til log44 jars in oracle home
from cve-2021-44228-scanner.
same here, I can see log4j.jar in directory, but seems it cannot read it somehow.
PS C:\temp> .\log4j2-scan.exe C:\ManageEngine
scan error: zip END header not found
Scanned 50994 directories and 85903 files
Found 0 vulnerable files
Completed in 56.59 seconds
from cve-2021-44228-scanner.
@kiasalimielizi @Mettemusens You can find broken jar files using v1.3.0 release.
from cve-2021-44228-scanner.
How does a broken .jar is actually defined? based on what?
A short example from my side
I did unpacked some random of archived which were in this category and they do not contain .jar files within them.
Would be it be then safe to assume that all those with ('zip END header not found') can be ignored ?
from cve-2021-44228-scanner.
Related Issues (20)
- logpresso identifies CVE-2021-4104 in reload4j HOT 6
- Scanner crashes with -Xmx option and very low memory limits HOT 2
- Additional output of secure log4j Versions HOT 7
- networking in v3 HOT 3
- False positive detection for CVE-2021-44228 HOT 1
- Request: Reporting in Zabbix HOT 2
- Scanning has side effects on running java.exe? HOT 1
- modify the report HOT 5
- Returning Error code in Batch File HOT 1
- Spring Framework for Java vulnerable to remote code execution CVE-2022-22965 HOT 9
- Scan and Fix with log file.
- Is it necessary to run the tool every boot?
- Cannot fix CVE-2021-44832 upgrade it HOT 1
- CVE-2021-45046 not being detected by Logspresso
- Oracle not vulnerable?
- log4j 2.18 has been released
- Logpresso does not touch MANIFEST files?
- Processor usage limit (mainly on) Linux
- Error: "unsupported feature encryption used in entry"
- Cannot Fix
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cve-2021-44228-scanner.