search

logpresso / CVE-2021-44228-Scanner

Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
Apache License 2.0
850 stars 174 forks source link

what's the meaning of "Scanned 0 directories and 0 files"? #217

Closed Mandy67890 closed 2 years ago

Mandy67890 commented 2 years ago

Hello. i am using log4j2-scan to scan all directories under / as blow, but the output is "Scanned 0 directories and 0 files", does it mean no vulnerabilities?

As i understand, no directories and files were scanned, i do not know why it happened? on another environment, using the same command, vulnerabilities were scanned. could you please help on it, thanks in advance:)

./log4j2-scan / Logpresso CVE-2021-44228 Vulnerability Scanner 2.6.3 (2021-12-27) Scanning directory: / (without /, /dev, /dev/shm, /run, /sys/fs/cgroup, /proc/sys/fs/binfmt_misc, /run/user/0, /cluster, /run/netns, /var/opt/cba-sec/keys/crypto, /var/opt/cba-sec/keys/cert)

Scanned 0 directories and 0 files Found 0 vulnerable files Found 0 potentially vulnerable files Found 0 mitigated files Completed in 0.00 seconds

Thanks Mandy

JackGruber commented 2 years ago

Hello, that no files were scanned. You have in your exclusion list / witch exclude all directorys.

xeraph commented 2 years ago

@Mandy67890 Would you comment fdisk -l or du -T? Maybe root directory is one of nfs, nfs3, nfs4, afs, cifs, autofs, tmpfs, devtmpfs, fuse.sshfs or iso9660 file system. You can force run with --exclude-fs none switch

Mandy67890 commented 2 years ago

Hi xeraph, With --exclude-fs none switch works for me, thanks for your help:)

//Mandy