Sabroso Posted February 12, 2016 Report Share Posted February 12, 2016 Hi there,A security software that I use in my website runs a scan on php files every 24 hours to check for changes and when detected it provides a threat score.Normally only cache files change but today it has been the first time i see two libraries in the Revive Adserver installation have changed and a high threat score has been given to these files. they are:revive/lib/smarty/internals/core.smarty_include_php.phprevive/lib/smarty/internals/core.run_insert_handler.phpI did not upgrade anything on the Revive Installation which is on the latest version 3.2.2. Did these libraries get updated automatically?Thanks. Quote Link to comment Share on other sites More sharing options...
Sabroso Posted February 12, 2016 Author Report Share Posted February 12, 2016 it also highlighted as suspicious revive/lib/OA.phpHowever I did a file comparison between my local files on the staging environment and the files on the production site and they are identical (both based on Revive 3.2.2).It must be a false positive, right? Quote Link to comment Share on other sites More sharing options...
Erik Geurts Posted February 12, 2016 Report Share Posted February 12, 2016 Have you checked those files against the original v3.2.2 distribution files that can be downloaded from https://www.revive-adserver.com/download/ ? andrewatfornax 1 Quote Link to comment Share on other sites More sharing options...
Sabroso Posted February 12, 2016 Author Report Share Posted February 12, 2016 Hi, I just did and they are identical.Not sure why they have been reported as changed but it looks like it is a false alarm.Thank you very much! Quote Link to comment Share on other sites More sharing options...
Richard Foley Posted February 12, 2016 Report Share Posted February 12, 2016 Security software (...) are notorious for reporting "false positives". You have to be careful how much serious notice you take of their often unfounded and hysterical alerts. andrewatfornax 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.