Apache Log4j Detection - Additional Corner Case Improvements

Summary:

Enhancements have been made to the Windows and Linux / Unix detection plugins for Apache Log4j to account for a couple of corner cases. The improvements that will be released on the target release date include:

  Apache Log4j Installed (Linux / Unix) (156000)

• Improved handling of partial results when approaching the plugin timeout particularly during the archive inspection.
  • Note: the plugin timeout can be adjusted under Advanced Settings (i.e. timeout.156000).
• Improved validation of Linux packages during the verification that an Log4j archive file is associated with the package.

  Apache Log4j JAR Detection (Windows) (156001)

• Increased the accuracy of parsing the version from the MANIFEST.MF file during the archive inspection.
• Expanded the Log4j archive file matching for older development releases (e.g. log4j-1.3alpha-8.jar).

Please reach out to Technical Support if there are any questions.

Impact:

Customers could notice an increase or decrease in new vulnerability detections as a result of these updates.

Plugins:

Apache Log4j Installed (Linux / Unix) (156000)

Apache Log4j JAR Detection (Windows) (156001)

Target Release Date:

August 8, 2022

Update: Improvements released in Nessus plugin feeds 202208081833, 202208082029, and 202208091950.