Hey , i have a Microsoft Exchange Serer 2016 that i am testing and time to time Log4j active Http plugin reports a False positive.
script name “Apache Log4j 2.0.x Multiple Vulnerabilities (HTTP, Log4Shell) - Active Check”
I was wondering if it is only me that encounters this or there are other reported False positives for this plugin?
I’d like to check something before I pass this on, by time to time do you mean that it’s being inconsistent in that some scans are fine and others are showing the false positive (sorry if this sounds like a simple question but want to clarify). Thanks!
If issues like this are showing up after updating the underlying software stack (e.g. the scanner in this case) please open a new issue over here:
This category is only used for the VT / NASL side. AFAICT nothing changed on that side since many months so it could be possible that some kind of bug got introduced on software stack side in between these versions causing this new behavior.
Only for tracking purposes, the user in the GitHub issue seems to have indicated that these have been originating from some misconfiguration on the underlying operating system side:
Hello everyone, I’m closing the task because I found a problem and it was on the server side.
the problem was incorrect limits in /etc/security/limits.conf