Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Is DotNetNuke.com Insecure?Is DotNetNuke.com Insecure?
Previous
 
Next
New Post
5/23/2008 12:12 PM
 
Ed DeGagne


Ed DeGagne's Avatar

www.southvillagesoftware.com
Joined: 12/2/2003
Posts: 420

Thanks for the clarification Shawn.

 

Edward DeGagne | Applications Engineering Manager
ektron, inc.
542 Amherst Street, Route 101A | Nashua, NH 03063

Ed DeGagne
South Village Software
 
New Post
5/23/2008 12:26 PM
 
Shaun Walker


Shaun Walker's Avatar

Shaun Walker's Avatar

www.siliqon.com
Joined: 5/27/2002
Posts: 1778

I seriously am at a loss for words on this subject. Anyone with even a basic knowledge of security would understand that you need to provide the developer of the software adequate time to assess, solve, test, and release a patch before broadcasting it to the world ( PRWEB? ). Clearly PowerDNN does not have the slightest clue when it comes to these matters. But I don't buy the 'ignorance as an excuse' argument. How can anyone continue to make one brutal mistake after another? At some point you need to come to the conclusion that perhaps these are not mistakes at all. Based on recent events it is starting to become clear that PowerDNN has malicious intent and is working through a series of premeditated steps to unleash it on the DotNetNuke community. I am still waiting for the conclusion to all this which I hope will clarify the end goal. Because at this point I completely fail to understand the logic behind the actions, especially considering the fact that PowerDNN has built a successful business on the backbone of the DotNetNuke project/community. I guess time will tell...

My comments are my own and are offered WITHOUT PREJUDICE

Shaun Walker
http://www.siliqon.com
 
New Post
5/23/2008 12:37 PM
 
Adski

Joined: 3/23/2007
Posts: 27

PowerDNN issued that press releases on the 22nd of May 2008 - after being told by many people that they need to keep any security issues private – PowerDNN is still continuing to tell the world.

Maybe for issues like this you may need to rethink letting PowerDNN advertise on your site & using your trademark? I am not sure what action you can take but something needs to be done to stop stuff like this from happening again as it puts all DNN sites at risk & makes DNN look like an unsecure platform.

QUESTION TO POWER DNN:

Why was this press release made to the world??
 
New Post
5/23/2008 12:49 PM
 
Bill Yonder

Joined: 3/24/2007
Posts: 12

Hi Shaun,
Why is it you have patched DotNetNuke.com and have not released the patch to the community?  There are a lot of people out there who are vulnerable and you are taking your sweet time.

Bill  
 
New Post
5/23/2008 8:07 PM
 
Alex Shirley


Joined: 1/30/2006
Posts: 5038

There are so many threads being started it's almost impossible to keep track...

Shaun has posted a comment here:

http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/118/threadid/229572/scope/posts/Default.aspx

Alex Shirley
 
 Page 10 of 12
Previous123...9101112Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Is DotNetNuke.com Insecure?Is DotNetNuke.com Insecure?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out