+1-888-365-2779
Try Now
More in this section

Forums / Security / High Risk Security Vulnerability

High Risk Security Vulnerability

4 posts, 0 answered
  1. Mark Litchfield
    Mark Litchfield avatar
    1 posts
    Registered:
    21 Oct 2009
    22 Oct 2009
    Link to this post
    Could someone from Sitefinity please contact me.  I have recently conducted a web application security test for a client and have discovered a high risk security issue allowing remote shell commands to be run on the server from an unauthenticated user.  Please contact me by email so I can explain the issue so you can create a patch to resolve it.

    Thanks in advance

    Mark Litchfield
    www.ngssoftware.com
  2. Nikolai
    Nikolai avatar
    216 posts
    Registered:
    21 Nov 2016
    22 Oct 2009
    Link to this post
    Hi Mark Litchfield,

    We sent you an e-mail to the one specified in your Client.net account. If you have not received it please let us know. We will examine the problem and send you feedback.

    Best wishes,
    Nikolai
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
  3. Nathan J Pledger
    Nathan J Pledger avatar
    27 posts
    Registered:
    21 Apr 2006
    25 Oct 2009
    Link to this post
    Hi,

    Can you please reassure other users (obviously without exposing specifics) that this security issue has been addressed? We are looking at using SiteFinity as an option for some of our sites and it would be a very bad if we exposed them to security risks.

    Thanks
  4. Nikolai
    Nikolai avatar
    216 posts
    Registered:
    21 Nov 2016
    26 Oct 2009
    Link to this post
    Hi Mark Litchfield,

    Yes, this will be fixed in our next ServicePack release.

    Kind regards,
    Nikolai
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
Register for webinar
4 posts, 0 answered