search

sassoftware / loguccino

Scan and patch tool for CVE-2021-44228 and related log4j concerns.
Apache License 2.0
34 stars 5 forks source link

Vulnerability persists on these two files #16

Closed sgeletta closed 2 years ago

sgeletta commented 2 years ago

C:\Program Files\SASHome\SASDeploymentManager\9.4\products\cfgwizard94550prtxxsp01\Utilities\AppServer\Source\Config\vfabrictcsvr\gemfire.zip::gemfire/lib/log4j-core-2.1.jar C:\Program Files\SASHome\SASDeploymentManager\9.4\products\cfgwizard94550prtxxsp01\Utilities\AppServer\Source\Config\vfabrictcsvr\jars\gemfire\log4j-core-2.1.jar

Java error: ERROR: Error while patching : java.nio.file.AccessDeniedException: C:\Program Files\SASHome\SASDeploymentManager\9.4\products\cfgwizard94550prtxxsp01\Utilities\AppServer\Source\Config\vfabrictcsvr\jars\gemfire\log4j-core-2.1.jar -> .\loguccino-patch-08012022144324\inventoryOriginals\0\C\Program Files\SASHome\SASDeploymentManager\9.4\products\cfgwizard94550prtxxsp01\Utilities\AppServer\Source\Config\vfabrictcsvr\jars\gemfire\log4j-core-2.1.jar at sun.nio.fs.WindowsException.translateToIOException(Unknown Source) at sun.nio.fs.WindowsException.rethrowAsIOException(Unknown Source) at sun.nio.fs.WindowsFileCopy.move(Unknown Source) at sun.nio.fs.WindowsFileSystemProvider.move(Unknown Source) at java.nio.file.Files.move(Unknown Source) at com.sas.vulnerabilities.patcher.SequentialPatcherInventoryTask.runSingleCveInventoryPath(SequentialPatcherInventoryTask.java:81) at com.sas.vulnerabilities.patcher.SequentialPatcherInventoryTask.run(SequentialPatcherInventoryTask.java:93) at lukfor.progress.tasks.Task.call(Task.java:39) at lukfor.progress.tasks.Task.call(Task.java:1) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) INFO: Patch results written to CSV file: C:\Users\Simon\scan\loguccino-patch-08012022144324\patch.csv

boomskats commented 2 years ago

This:

ERROR: Error while patching : java.nio.file.AccessDeniedException

Suggests that the user with which you are running this command does not have sufficient filesystem permissions to perform the patching. Or the file is otherwise locked?

boomskats commented 2 years ago

Closing, inactive. @sgeletta please reopen if problems persist after you've verified filesystem level permissions on the files you're trying to patch.