httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Struts vulnerability
Date Wed, 06 Sep 2017 23:45:24 GMT
On Wed, Sep 6, 2017 at 7:17 PM, Sean Son
<linuxmailinglistsemail@gmail.com> wrote:
> Hello all
>
> I am new to the mailing list as well as new to Apache Struts.  We all heard
> in the news about the vulnerability affecting Apache Struts. I have been
> tasked to determine which of our servers have Struts running on them.  I
> have a few questions on how to determine if a server is running Struts or
> not:
>
> 1) How does one determine if a Windows server, running IIS, has the Apache
> Struts framework installed on it?
>
> 2) Does Apache Struts only run on Apache Webserver and Tomcat?
>
> 3) Is there a simple way to determine if a server has Struts installed,
> instead of logging into each of the servers and checking the programs list?
>
>
> I appreciate ALL help!

Struts is a java library/framework that runs in Java-based application
servers. You won't see it in a process list, it could just be a jar
file in an application server directory or embedded in an enterprise
application.

Since it has no real relationship to httpd, it's not really topical on
this list.

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message