Troy Goode: SquaredRoot

ASP.Net, C#, MVC, and LINQ

Massive BlogEngine.net Security Hole

Troy Goode [Permalink]
April 13, 2008 10:34 PM
A massive security hole in BlogEngine.net was just revealed that allows anyone to see your passwords... Danny Douglass just added a post to his blog where he explains the issue and provides a patched BlogEngine.Core assembly to resolve the issue until the next release of BlogEngine is available.

I would advise anyone running BlogEngine.net to immediately go to Danny's blog and download & install the fix.

The faster we can get word out about this, the faster we can shut down this particular attack vector, so please try and get the word out to any BlogEngine.net users you are aware of and please kick Danny's post at DotNetKicks.

Thanks Danny!

Kick It!
Tags: , , ,
Categories: Blogging
Actions: E-mail | Permalink | Comments (0) RSS Feed for this post's comments.

Add Comment


(Will show your Gravatar icon)  

  Country flag

biuquote
  • Comment
  • Preview
Loading




Troy Goode

Troy Goode
Microsoft Certified Professional Developer
AddThis Feed Button

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in  anyway.

© Copyright 2008

Colophon

Powered by:
BlogEngine.NET 1.4
Template:
Designs by Darren
Header Font:
Stamper
Syntax Highlighting:
WLW Code Snippet Plugin

© Copyright 2008, Troy Goode. All rights reserved.
Email Me: tgoode@squaredroot.com  Sign In