<div dir="ltr"><div dir="auto"><div>Bom dia o Issabel utiliza o FreePBX como base, logo é bem provável que esteja vulnerável. </div><div><br></div><div><br></div><div><span style="font-family:sans-serif;font-size:14px">"Issabel is based upon open-source versions of </span><a href="https://en.wikipedia.org/wiki/Elastix" title="Elastix" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">Elastix</a><span style="font-family:sans-serif;font-size:14px">, </span><a href="https://en.wikipedia.org/wiki/Asterisk_(PBX)" title="Asterisk (PBX)" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">Asterisk</a><span style="font-family:sans-serif;font-size:14px">, </span><a href="https://en.wikipedia.org/wiki/FreePBX" title="FreePBX" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">FreePBX</a><span style="font-family:sans-serif;font-size:14px">, </span><a href="https://en.wikipedia.org/wiki/HylaFAX" title="HylaFAX" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">HylaFAX</a><span style="font-family:sans-serif;font-size:14px">, </span><a href="https://en.wikipedia.org/wiki/Openfire" title="Openfire" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">Openfire</a><span style="font-family:sans-serif;font-size:14px"> and </span><a href="https://en.wikipedia.org/wiki/Postfix_(software)" title="Postfix (software)" style="text-decoration-line:none;color:rgb(11,0,128);background-image:none;background-position:initial;background-size:initial;background-repeat:initial;background-origin:initial;background-clip:initial;font-family:sans-serif;font-size:14px">Postfix</a><span style="font-family:sans-serif;font-size:14px"> and provides PBX, fax, instant messaging and e-mail server functionality."</span><br></div><div><span style="font-family:sans-serif;font-size:14px">Fonte: </span><font face="sans-serif"><span style="font-size:14px"><a href="https://en.wikipedia.org/wiki/Issabel">https://en.wikipedia.org/wiki/Issabel</a></span></font></div><div><font face="sans-serif"><span style="font-size:14px"><br></span></font></div><div><span style="font-family:sans-serif;font-size:14px"><br></span></div><div><br><div class="gmail_extra"><br><div class="gmail_quote">Em 5 de jul de 2017 9:52 PM, "Wagner Souza" <<a href="mailto:wagnerspbh@gmail.com" target="_blank">wagnerspbh@gmail.com</a>> escreveu:<br type="attribution"><blockquote class="gmail-m_2047527127980407252quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">O Issabel tb está vulnerável a esse ataque maldito? </div><div class="gmail-m_2047527127980407252elided-text"><div class="gmail_extra"><br><div class="gmail_quote">Em 5 de jul de 2017 21:28, "pedrocosta" <<a href="mailto:pedrocosta@infobarranet.com.br" target="_blank">pedrocosta@infobarranet.com.b<wbr>r</a>> escreveu:<br type="attribution"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Exatamente esse é o problema, dai precisa deletar esses arquivos, e reinstalar o freepbx<br>
yum reinstall freepbx<br>
<br>
<br>
Enviado pelo meu BLU Android SmartphoneEm 05/07/2017 19:30, Wagner Souza <<a href="mailto:wagnerspbh@gmail.com" target="_blank">wagnerspbh@gmail.com</a>> escreveu:<br>
><br>
> Então será por isso que estou com alguns servidores que ficou inacessível a<br>
> parte de configuração do PABX e a interface do FreePBX? Tenho alguns<br>
> servidores que nos últimos dias não abrem mais a página de gerência do PABX.<br>
><br>
> Em 5 de jul de 2017 18:20, "Marcelo Terres" <<a href="mailto:mhterres@gmail.com" target="_blank">mhterres@gmail.com</a>> escreveu:<br>
><br>
> > <a href="http://forum.issabel.org/d/187-beware-new-elastix-2-5-4-" rel="noreferrer" target="_blank">http://forum.issabel.org/d/187<wbr>-beware-new-elastix-2-5-4-</a><br>
> > 0-freepbx-2-11-0-26-exploit<br>
> ><br>
> > Marcelo H. Terres <<a href="mailto:mhterres@gmail.com" target="_blank">mhterres@gmail.com</a>><br>
> > IM: <a href="mailto:mhterres@jabber.mundoopensource.com.br" target="_blank">mhterres@jabber.mundoopensourc<wbr>e.com.br</a><br>
> > <a href="https://www.mundoopensource.com.br" rel="noreferrer" target="_blank">https://www.mundoopensource.co<wbr>m.br</a><br>
> > <a href="https://twitter.com/mhterres" rel="noreferrer" target="_blank">https://twitter.com/mhterres</a><br>
> > <a href="https://linkedin.com/in/marceloterres" rel="noreferrer" target="_blank">https://linkedin.com/in/marcel<wbr>oterres</a><br>
> ><br>
> ><br>
> > 2017-07-05 22:13 GMT+01:00 Marcelo Terres <<a href="mailto:mhterres@gmail.com" target="_blank">mhterres@gmail.com</a>>:<br>
> > > Mas eh um php muito do poderoso... :-D<br>
> > ><br>
> > > Ainda mais que tem acesso as coisas que somente o root deveria ter,<br>
> > > como regras do iptables.<br>
> > ><br>
> > > Mas como eh o messi a gente entende, o cara eh bola de ouro :-P<br>
> > ><br>
> > > []s<br>
> > > Marcelo H. Terres <<a href="mailto:mhterres@gmail.com" target="_blank">mhterres@gmail.com</a>><br>
> > > IM: <a href="mailto:mhterres@jabber.mundoopensource.com.br" target="_blank">mhterres@jabber.mundoopensourc<wbr>e.com.br</a><br>
> > > <a href="https://www.mundoopensource.com.br" rel="noreferrer" target="_blank">https://www.mundoopensource.co<wbr>m.br</a><br>
> > > <a href="https://twitter.com/mhterres" rel="noreferrer" target="_blank">https://twitter.com/mhterres</a><br>
> > > <a href="https://linkedin.com/in/marceloterres" rel="noreferrer" target="_blank">https://linkedin.com/in/marcel<wbr>oterres</a><br>
> > ><br>
> > ><br>
> > > 2017-07-05 21:50 GMT+01:00 Pedro Costa <<a href="mailto:pedrocosta@infobarranet.com.br" target="_blank">pedrocosta@infobarranet.com.b<wbr>r</a>>:<br>
> > >> Boa tarde<br>
> > >><br>
> > >><br>
> > >><br>
> > >> Cuidado com o vírus que está entrando no elastix 2.5 e 4.0 messi.php e<br>
> > >> magnito.php<br>
> > >><br>
> > >><br>
> > >><br>
> > >> Na pasta var/www/html/_asterisk<br>
> > >><br>
> > >><br>
> > >><br>
> > >> Ele acessa o dbpaulo e depois copia os dados de acesso, entre outros<br>
> > >> estragos de pabx e também derruba as regras no fail2ban e iptables...<br>
> > >><br>
> > >><br>
> > >><br>
> > >> Sugiro que pesquisem bem, pois começou a ser espalhado esse mês tem como<br>
> > >> objetivo rastrear servidores que utilizem o a2billing, ainda não</blockquote></div></div>
</div><br>______________________________<wbr>_________________<br>
KHOMP: completa linha de placas externas FXO, FXS, GSM e E1<br>
Media Gateways de 1 a 64 E1s para SIP com R2, ISDN e SS7<br>
Intercomunicador e acesso remoto via rede IP e telefones IP<br>
Conheça todo o portfólio em <a href="http://www.Khomp.com" rel="noreferrer" target="_blank">www.Khomp.com</a><br>
______________________________<wbr>_________________<br>
Para remover seu email desta lista, basta enviar um email em branco para <a href="mailto:asteriskbrasil-unsubscribe@listas.asteriskbrasil.org" target="_blank">asteriskbrasil-unsubscribe@lis<wbr>tas.asteriskbrasil.org</a><br></blockquote></div><br></div></div></div>
</div>