I run a small web server. Apache Struts CVE-2017-5638(blog.trendmicro.com)
blog.trendmicro.com
I run a small web server. Apache Struts CVE-2017-5638
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/
2 comments
dpkg might not show it. Struts can be bundled in any java application and you'd never know.
I do not have it installed. so nothing to patch. i was thinking of making a fail2ban filter to add people who scan for the exploit to a list I share among my different servers to block it but still not clear what to look for in the logs