codebeater

General .NET, ASP.NET, C# and VB.NET discussion

Home Archive Contact Subscribe Sign in

About the author

Author Name is someone.

Send mail

Recent posts

Lines of Code as a programmer performance metricComments: 0Rating: 0 / 0
Why do so many software projects fail?Comments: 0Rating: 0 / 0
Looking for an alternative to IE and FireFox? I'm a big fan of Maxthon browserComments: 2Rating: 0 / 0
ASP.NET MVC Preview 3 ReleaseComments: 1Rating: 0 / 0
Concerned about SEO? Think twice before using that LinkButton controlComments: 1Rating: 0 / 0
CSS Message Boxes for different message typesComments: 0Rating: 0 / 0
Enterprise Library 4.0 for Visual Studio 2008 - Released!Comments: 1Rating: 0 / 0
SEO & ASP.NET: Put keywords in the URLComments: 1Rating: 0 / 0
ASP.NET AJAX Control Toolkit TabContainer Theme GalleryComments: 0Rating: 0 / 0
Generating markup to display a scaled imageComments: 0Rating: 5 / 1

Recent comments

ASP.NET MVC Preview 3 Release (1)
Busby SEO Test Pinay wrote: This great to know this technology .. have to sa… [More]
Concerned about SEO? Think twice before using that LinkButton control (1)
Busby SEO Test!!! wrote: thanks for the advice, it's worth enough. [More]
Looking for an alternative to IE and FireFox? I'm a big fan of Maxthon browser (2)
busby seo test wrote: I never try tis browser. [More]
BlogEngine.NET 1.3.0.0 Security Hole (3)
Busby SEO Test wrote: it so interesting [More]
Enterprise Library 4.0 for Visual Studio 2008 - Released! (1)
Busby SEO Test wrote: i totally agree..thanks for sharing..i really like… [More]
BlogEngine.NET 1.3.0.0 Security Hole (3)
Busby SEO TEST wrote: Has this problem being solve? it kind of scary if … [More]
SEO & ASP.NET: Put keywords in the URL (1)
Busby SEO Test wrote: great recommendation, thanks!! [More]
BlogEngine.NET 1.3.0.0 Security Hole (3)
oyun wrote: Thanks the for article [More]
Looking for an alternative to IE and FireFox? I'm a big fan of Maxthon browser (2)
Eigene Homepage wrote: That´s a nice hint, thanks. I love Firefox ve… [More]
Lessons learned; debug="true" (1)
Andre wrote: And there is so much more: - don´t use viewst… [More]

Archive

2008

Authors

Jeff (24)

Tags

Categories

Blogroll

Download OPML file OPML

OPML

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

© Copyright 2009

<< Improve ASP.NET performance by optimizing the request pipeline | Completely free PDF .NET library written in C# >>

BlogEngine.NET 1.3.0.0 Security Hole

As I mentioned here, codebeater was hacked over the weekend. Apparently, there was a flaw that would allow username and passwords to be viewed in plain text by simply viewing a specific url. I am very disappointed to learn that this information is being stored in it's raw form in BlogEngine.NET. However, kudos to the BlogEngine team for responding to the flaw as quickly as they did. Unfortunately, I received word of the fix a little too late. My site had not only been defaced but all content had been deleted.

If you are using BlogEngine.NET 1.3.0.0 please update your site to the latest version immediately. You can read more about this exploit here.

P.S. I've restored much of my previous data, although it does not appear in it's proper chronological order.

Be the first to rate this post

Currently 0/5 Stars.
1
2
3
4
5

Tags: blogengine.net

Categories: .net | News

Posted by Jeff on Sunday, April 27, 2008 11:06 PM

E-mail | Kick it! | DZone it! | del.icio.us

Permalink | Comments (3) | Post RSS RSS comment feed

RSS comment feed

Related posts

Visual Studio 2008 and .NET Framework 3.5 Service Pack 1 Beta - Nuggets of goodnessImprove ASP.NET performance by optimizing the request pipelineKigg - A Digg like application developed in ASP.NET MVC

Comments

Thursday, October 16, 2008 1:00 PM

Thanks the for article

Wednesday, December 17, 2008 5:11 AM

Has this problem being solve? it kind of scary if people can read our confidential info

Thursday, December 18, 2008 10:21 PM

it so interesting

Add comment

Name*
E-mail* (Will show your Gravatar icon)
Website
Country Country flag

Comment* [b][/b] - [i][/i] - [u][/u]- [quote][/quote]

Notify me when new comments are added

Live preview

Tuesday, January 06, 2009 8:47 PM