I run a small web server. Apache Struts CVE-2017-5638
blog.trendmicro.comI checked my debian install dpkg -l |grep struts
I do not have it installed. so nothing to patch. i was thinking of making a fail2ban filter to add people who scan for the exploit to a list I share among my different servers to block it but still not clear what to look for in the logs
dpkg might not show it. Struts can be bundled in any java application and you'd never know.