On Wed, Sep 6, 2017 at 7:45 PM, Eric Covener <cove...@gmail.com> wrote:
> On Wed, Sep 6, 2017 at 7:17 PM, Sean Son > <linuxmailinglistsem...@gmail.com> wrote: > > Hello all > > > > I am new to the mailing list as well as new to Apache Struts. We all > heard > > in the news about the vulnerability affecting Apache Struts. I have been > > tasked to determine which of our servers have Struts running on them. I > > have a few questions on how to determine if a server is running Struts or > > not: > > > > 1) How does one determine if a Windows server, running IIS, has the > Apache > > Struts framework installed on it? > > > > 2) Does Apache Struts only run on Apache Webserver and Tomcat? > > > > 3) Is there a simple way to determine if a server has Struts installed, > > instead of logging into each of the servers and checking the programs > list? > > > > > > I appreciate ALL help! > > Struts is a java library/framework that runs in Java-based application > servers. You won't see it in a process list, it could just be a jar > file in an application server directory or embedded in an enterprise > application. > > Since it has no real relationship to httpd, it's not really topical on > this list. > > -- > Eric Covener > cove...@gmail.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > Thank you Eric.. I am just confused as to how to track down which servers have this vulnerability