Tag Archives: Security

PowerDNN Discovers and Patches Two Hyper-Critical Security Flaws in the Standard Dotnetnuke Framework

Posted on by
Reply

Omaha, NE (PRWEB) May 22, 2008

PowerDNN, the leader in DotNetNuke Services and Solutions, has discovered and patched two hyper-critical security flaws in the standard DotNetNuke framework.

As of Yesterday evening at 9:47PM US Central Time, the PowerDNN Engineering Team, as lead by Mr. Tony Valenti and Mr. Joseph Ravioli, discovered two Hyper-Critical security flaws in the standard DotNetNuke Framework. If left unpatched, these security flaws would allow any website visitor to alter the DotNetNuke web.config file as well as remotely execute SQL scripts against the DotNetNuke database. Since last night, the entire PowerDNN engineering team has been working around the clock to create patches for all affected versions of DotNetNuke. As of 7:42PM US Central Time, these patches have been created and deployed to all PowerDNN customers.

PowerDNN will be gradually releasing more details to the general community regarding these vulnerabilities. We realize that because of the large number of people running un-patched, standard versions of DotNetNuke, it is especially important for us to approach this issue in a sensitive and confidential manner. To aide with this, an online DotNetNuke Website Scanner is now available from PowerDNN DNN Hosting.

About PowerDNN.com

Founded in 2002, PowerDNN.com is the full circle DotNetNuke solutions provider, servicing organizations ranging from small businesses to Fortune 500 Companies to the Federal Government of the United States of America. Specializing in high-reliability, business-critical DotNetNuke solutions, PowerDNN is the clear choice of business and technology experts who demand exceptional customer service and enterprise engineering support for DotNetNuke. Additional news and information about the company is available from PowerDNN Hosting

###





More Dotnetnuke Websites Press Releases

PowerDNN Adds DotNetNuke Security Notification Services

Posted on by
Reply

Omaha, Neb. (PRWEB) March 3, 2009

Today, PowerDNN, the nation’s leading provider of advanced hosting services for the DotNetNuke(R) community has launched its DotNetNuke Security Notification Service for the DotNetNuke 4.x and DotNetNuke 5.x platform. The DotNetNuke Security Notification Service provides weekly security reports on the status and health of DotNetNuke websites.

“In the history of the DotNetNuke platform, there have been many updates, new versions, new features, and security updates. Our DotNetNuke Security Notification Service allows customers get a detailed report on the health and security of their website,” says Tony Valenti, CEO and founder of PowerDNN. “Combined with the DotNetNuke Core update system, this is an extremely valuable service that will ensure that our customers are always running the most stable and secure version of DotNetNuke.”

“Content management systems and web application frameworks are just like web-based operating systems,” says John Grange, PowerDNN’s Chief Operating Officer. “Just as you should always apply Microsoft Updates and Windows Updates on a regular basis, it is just as important that you apply updates for your content management system as well.”

PowerDNN is the only company offering free DotNetNuke security scans to its DNN hosting customers.

DotNetNuke and DNN are Registered Trademarks of DotNetNuke Corporation.

PowerDNN used with permission.

About PowerDNN.com:

Founded in 2002, PowerDNN.com is the full circle DotNetNuke solutions provider, servicing organizations ranging from small businesses to Fortune 500 Companies to the Federal Government of the United States of America. Specializing in high-reliability, business-critical DotNetNuke solutions, Power DNN is the clear choice of business and technology experts who demand exceptional customer service and enterprise engineering support for DotNetNuke. Additional news and information about the company is available at www.powerdnn.com.

Related Dotnetnuke Websites Press Releases