Omaha, NE (PRWEB) May 22, 2008
PowerDNN, the leader in DotNetNuke Services and Solutions, has discovered and patched two hyper-critical security flaws in the standard DotNetNuke framework.
As of Yesterday evening at 9:47PM US Central Time, the PowerDNN Engineering Team, as lead by Mr. Tony Valenti and Mr. Joseph Ravioli, discovered two Hyper-Critical security flaws in the standard DotNetNuke Framework. If left unpatched, these security flaws would allow any website visitor to alter the DotNetNuke web.config file as well as remotely execute SQL scripts against the DotNetNuke database. Since last night, the entire PowerDNN engineering team has been working around the clock to create patches for all affected versions of DotNetNuke. As of 7:42PM US Central Time, these patches have been created and deployed to all PowerDNN customers.
PowerDNN will be gradually releasing more details to the general community regarding these vulnerabilities. We realize that because of the large number of people running un-patched, standard versions of DotNetNuke, it is especially important for us to approach this issue in a sensitive and confidential manner. To aide with this, an online DotNetNuke Website Scanner is now available from PowerDNN DNN Hosting.
Founded in 2002, PowerDNN.com is the full circle DotNetNuke solutions provider, servicing organizations ranging from small businesses to Fortune 500 Companies to the Federal Government of the United States of America. Specializing in high-reliability, business-critical DotNetNuke solutions, PowerDNN is the clear choice of business and technology experts who demand exceptional customer service and enterprise engineering support for DotNetNuke. Additional news and information about the company is available from PowerDNN Hosting