Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

AspDotNetStoreFront
  Need Help?  
Professional technical support for DotNetNuke is available from DotNetNuke Corporation.
 


  Ads  
The best choice for your web site host, email hosting, and domain registration.
 


  Sponsors  

Meet Our Sponsors

Mad Development is a full service interactive agency focusing on the merge of design, technology, e-commerce, and affiliate marketing by providing total website solutions.
AspDotNetStoreFront - E-Commerce by Design - The Leading ASP.NET shopping cart platform for developers!
Click here to go to dev.live.com for Windows Live developer resources
SteadyRain
DataSprings - Great Ideas. Always Flowing.
R2integrated - formerly bi4ce
 


DotNetNuke Forums
 
  Forum  General DotNetN...  Chat About It!  Is DotNetNuke.com Insecure?
Previous Previous
 
Next Next
New Post 5/21/2008 6:20 AM
User is offline Bill Yonder
12 posts
10th Ranked


Is DotNetNuke.com Insecure? 

I just used the security scanner from PowerDNN on DotNetNuke.com and it says that DotNetNuke.com has two hyper-critical security holes in it.  Does anyone know when DotNetNuke.com will be patched?  What about all my sites?  There aren't a lot of details, but these issues look really serious.

Bill
 
New Post 5/21/2008 8:25 AM
User is offline Mitch Sellers
5566 posts
www.mitchelsellers.com
3rd Ranked




Re: Is DotNetNuke.com Insecure? 

Bill,

I am not sure what the PowerDNN scanner actually tests.  Is it a software test or a hardware test.

If you have questions about DotNetNuke.com and security I would e-mail secuirty@dotnetnuke.com

If you want some assistance in looking at your sites, feel free to drop me a message at msellers@iowacomputergurus.com

-Mitchel Sellers
MCITP, MCPD, MCTS
CEO/Director of Development - IowaComputerGurus Inc.
LinkedIn Profile

Visit mitchelsellers.com for my mostly DNN Blog and support forum.

Visit IowaComputerGurus.com for free DNN Modules, DNN Consulting Quotes, and DNN Technical Support Services

I reccomend 3Essentials for shared hosting and BaseCamp for project management
 
New Post 5/21/2008 2:06 PM
User is offline Yehuda Tiram,
126 posts
9th Ranked


Re: Is DotNetNuke.com Insecure? 

Mitchel,

Seems like this issue is/should be in the interest of many people. Is it possible to elaborate here instead of mail?

How do I test the security of my sites? What tools should I use?

Thanks,

Yehuda
 
New Post 5/21/2008 2:53 PM
User is offline Brandon Haynes
638 posts
everysport.net
7th Ranked


Re: Is DotNetNuke.com Insecure? 
Modified By Brandon Haynes on 5/21/2008 5:54:26 PM)

Hi Yehuda,

Read this: http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryID/1838/Default.aspx

According to PowerDNN, their scanner only tests for version and not specific vulnerability.  I haven't verified this personally, and have little confidence in their organization.

The DNN core team is currently working on evaluating the issue.  I have great confidence in their ability to handle this.  You can read more about their progress here: http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/112/threadid/228802/scope/posts/Default.aspx and on the security bulletin list, here: http://www.dotnetnuke.com/Community/Blogs/tabid/825/BlogID/28/ParentBlogID/5/Default.aspx

I'd expect to hear more from them soon.

Brandon

Brandon Haynes
BrandonHaynes.org
 
New Post 5/21/2008 2:56 PM
User is offline Mitch Sellers
5566 posts
www.mitchelsellers.com
3rd Ranked




Re: Is DotNetNuke.com Insecure? 

I believe Brandon summed up the detailed of what has gone on today.

I would simply keep an eye out for updates and go from there.

-Mitchel Sellers
MCITP, MCPD, MCTS
CEO/Director of Development - IowaComputerGurus Inc.
LinkedIn Profile

Visit mitchelsellers.com for my mostly DNN Blog and support forum.

Visit IowaComputerGurus.com for free DNN Modules, DNN Consulting Quotes, and DNN Technical Support Services

I reccomend 3Essentials for shared hosting and BaseCamp for project management
 
 Page 1 of 12123...12Next 
Previous Previous
 
Next Next
  Forum  General DotNetN...  Chat About It!  Is DotNetNuke.com Insecure?
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


Easily Build DNN Solutions with XMod
XMod makes it easy to build news articles, house listings, custom feedback forms, product reviews and much more - without programming
www.DNNDev.com 		Software Development and Integration with DNN
HNP Solutions focuses on the pragmatic use of technology and process to meet an organization's business objectives. HNP Solutions employs seasoned Enterprise and Solution Architects, Delivery Managers and QA & Business Leads. Our capabilities range from project assessments & recommendations, design & code reviews, to full program implementations. We also work with organizations in need of senior staff augmentation purposes in the areas of Enterprise and Solution architecture.
www.hnpsolutions.com 		Willhite & Sharron Realtors
Exemplary service for your Seattle Real Estate needs. It's what you deserve from your Realtor®!
www.alkihomes.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP