3

I am using a Mac for my daily work, but I do not know if I am vulnerable to the log4j exploit. Is there a way to find out? Is there a way to find all the applications that are using Java? How can I protect myself? Update Java? Update the log library? Deactivate the log library? What else, and how?

Philipp
Alex
  • Are you maintaining the application? Or are you merely an end-user? –  Dec 13 '21 at 08:36
  • Just an end user. But maybe I am using applications that are using Java which are vulnerable? That is not quite clear to me – Alex Dec 13 '21 at 09:00
  • 3
    Does this answer your question? [How can the Log4Shell exploit affect an end user?](https://security.stackexchange.com/questions/257866/how-can-the-log4shell-exploit-affect-an-end-user) – Philipp Dec 13 '21 at 12:00
  • I'll just leave the collection of security advisories here https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592 – fgk Dec 16 '21 at 23:44

1 Answer

1

The major concern with CVE-2021-44228 (log4j\log4shell) is for Java applications that are remotely accessible, e.g., your typical corporate website.

It's not outside the realm of possibility, but an Internet (or even local network) accessible web application running on your Mac is not likely.

If you want to be sure, you can use Mac OS Terminal to run some basic checks. Here are a few, but there are many other ways ...

  • Check for running java and friends processes:

ps -ef | grep -E "java|tomcat|httpd|apache|www|jre|jvm|\.jar|log4j" | grep -v grep

  • Look for open files related to Java, web, etc.

sudo find -E / -iregex ".*/(java|tomcat|httpd)$" 2>/dev/null

  • Show open ports and the associated process\command

lsof -PiTCP -sTCP:LISTEN

However, just the presence of vulnerable Java stacks or open ports does not necessarily mean you are at any major risk. There are a number of other possible factors in play.