Forum Discussion

4 years ago

Tenable Research is providing the following supporting...

Tenable Research is providing the following supporting information about the 31 NASL detection plugins and two WAS plugin recently released in response to a critical vulnerability reported in Log4j (...

Connect Contributor IV

4 years ago

One other issue -- it appears Tenable is determining the log4j.jar version number from the FILENAME.

log4j-2.14.0.jar will be identified is 2.14.0

log4j.jar will be identified as "unknown"

I'm not sure if it's possible to get a version number out of the Jar in an efficient manner -- it's in the MANIFEST.INF in most files we've opened up, but it takes time to extract it I imagine.

We've got thousands of "unknown" versions scattered about, how can plugins help us identify them?

Forum Discussion

Tenable Research is providing the following supporting...

Recent Discussions

Python Package Enumeration - Detection Updates

Ivanti Neurons & Endpoint Manager Mobile Integration

Plugin 135860 (wmi_not_available) No Longer Fires if No Viable WMI Credentials were found

Machine Learning SinFP Model Updates for OS Fingerprinting

New Plugin Family: UnionTech Local Security Checks

Americas

Europe

Asia / Australia