SECURITY NOTICE on graphics files

f1systems · March 29, 2023, 8:20pm

Received security notice that there are 4 tampered files. Three are .PNG graphics and the last is a .PHP script related to Cortel phones which we do not have.
This system is a new install with a restored backup from previous which included Endpoint Manager. I suspect old pictures got installed and are now being detected as tampered. Make sense?

Should I ignore these files or replace them with current version?
Is there somewhere I can download individual files or do I dig them out of the newest installation media?

SECURITY NOTICE:

You have 4 tampered files:

Module: “EndPoint Manager”, File:
“/var/www/html/admin/modules/endpoint/assets/img/S505.png altered”
Module: “EndPoint Manager”, File:
“/var/www/html/admin/modules/endpoint/assets/img/SIP-T54W.png altered”
Module: “EndPoint Manager”, File:
“/var/www/html/admin/modules/endpoint/assets/img/XP0100P.png altered”
Module: “EndPoint Manager”, File:
“/var/www/html/admin/modules/endpoint/install/cortelcoInstall.php altered”

dobrosavljevic · March 29, 2023, 8:39pm

SSH into the system and on the CLI try fwconsole ma downloadinstall endpoint && fwconsole chown

f1systems · March 29, 2023, 10:47pm

That sounds right.

f1systems · March 30, 2023, 7:00pm

FreePBX 16.0.39
EndPoint Manager 16.0.77.1 (Stable)

Success!
As [dobrosavljevic] suggested from the CLI:

fwconsole ma downloadinstall endpoint && fwconsole chown

The did a graceful restart on Asterisk and the errors are cleared.

Thanks for your help!

system · April 6, 2023, 7:00pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.