Register | Log In
Download Contact
Resources > Forums
HomeHomeDotNetNuke Forg...DotNetNuke Forg...Module ForumsModule ForumsStoreStoreDNN sites infected by this virus JS.RunforeDNN sites infected by this virus JS.Runfore
Previous
 
Next
New Post
7/8/2012 7:26 PM
 
User is offline Matthias Schlomann


Matthias Schlomann's Avatar

www.aarsys.de
Joined: 8/10/2003
Posts: 3101
IUser or IUsers should have only read permissions.  The application pool user must have read, write, change and execute permissions.  All settings have to inherit to all subfolders and files.
Regards
Matthias
www.aarsys.de
Metro7 Skin
ShoutCastStats Module for DNN
 
New Post
7/9/2012 4:30 AM
 
User is offline Jones


Joined: 3/30/2010
Posts: 10

Thanks Matthias Schlomann,

I will ask my host to make these permission changes! Hopefully, I'll recover my site in a jiffy!

Regards
Jones
 
New Post
7/9/2012 4:38 PM
 
User is offline Vitor Duarte


Joined: 4/18/2009
Posts: 3

Hi Mathias,the issue is more danger.

I investigate the issue with my hosting provider, and this attack is due to a vulnerabilityof the Parallels control panel used in many windows hosting providers. The attack is done using file manager of control panel . Parallels already provide a fix for this.

Jones, keep watching your sites, because if the attacks keep come again your hosting provider must apply the fix.

The last version of the virus attack JS files and de default.aspx file, for all windows sites running on Parallels, not only DNN sites.

 
 
New Post
7/9/2012 5:58 PM
 
User is offline Matthias Schlomann


Matthias Schlomann's Avatar

www.aarsys.de
Joined: 8/10/2003
Posts: 3101

Hi Vitor,

I was thinking about we already post that it is a vulnerability not DNN related, but infectet hosts if there are any security issues on it.  But this would not supported from DNN.  About there was asking about the correct DNN permissions I have answered it. 

Well on a Parallels PLESK hosting infected system the hoster or server admin had to desinfect and close the security issue, but not DotNetNuke.

 

Regards
Matthias
www.aarsys.de
Metro7 Skin
ShoutCastStats Module for DNN
 
New Post
7/9/2012 6:04 PM
 
User is offline Matthias Schlomann


Matthias Schlomann's Avatar

www.aarsys.de
Joined: 8/10/2003
Posts: 3101
I would provide some removal information for infected systems. I found this usefull instructions on Symantec page http://www.symantec.com/security_resp...
Regards
Matthias
www.aarsys.de
Metro7 Skin
ShoutCastStats Module for DNN
 
 Page 2 of 3
Previous123Next 
Previous
 
Next
HomeHomeDotNetNuke Forg...DotNetNuke Forg...Module ForumsModule ForumsStoreStoreDNN sites infected by this virus JS.RunforeDNN sites infected by this virus JS.Runfore


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.

Attend A Webinar
Start Professional Edition Trial
Have Someone Contact Me

Like Us on Facebook Join our Network on LinkedIn Follow DNN Corporate on Twitter Follow DNN on Twitter

Advertisers

Sponsors

DotNetNuke Corporation

DotNetNuke (DNN) provides a suite of solutions that make designing, building and managing feature-rich sites and communities fast, easy and cost-effective. The DotNetNuke Platform CMS is the foundation for more than one million websites worldwide. DNN Social, our newest solution, enables businesses to create immersive, interactive communities. Thousands of organizations like True Value Hardware, Bose, Cornell University, Glacier Water, Dannon, Delphi, USAA, NASCAR, Northern Health and the City of Denver have leveraged DNN to deploy highly engaging business- critical websites. Our rapid growth in product sales and deployments resulted in DotNetNuke Corp. being named one of the fastest growing private companies in America by Inc. Magazine in 2011 and 2012.
Copyright © 2002-2013 DotNetNuke Corp. / Terms of Use / Privacy
Hosted by MaximumASP