Re: Struts vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Wed, Sep 6, 2017 at 7:45 PM, Eric Covener <covener@xxxxxxxxx> wrote:
On Wed, Sep 6, 2017 at 7:17 PM, Sean Son
<linuxmailinglistsemail@gmail.com> wrote:
> Hello all
>
> I am new to the mailing list as well as new to Apache Struts.  We all heard
> in the news about the vulnerability affecting Apache Struts. I have been
> tasked to determine which of our servers have Struts running on them.  I
> have a few questions on how to determine if a server is running Struts or
> not:
>
> 1) How does one determine if a Windows server, running IIS, has the Apache
> Struts framework installed on it?
>
> 2) Does Apache Struts only run on Apache Webserver and Tomcat?
>
> 3) Is there a simple way to determine if a server has Struts installed,
> instead of logging into each of the servers and checking the programs list?
>
>
> I appreciate ALL help!

Struts is a java library/framework that runs in Java-based application
servers. You won't see it in a process list, it could just be a jar
file in an application server directory or embedded in an enterprise
application.

Since it has no real relationship to httpd, it's not really topical on
this list.

--
Eric Covener
covener@xxxxxxxxx

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


Thank you Eric.. I am just confused as to how to track down which servers have this vulnerability


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux