DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.
Prev
Next

DotNetNuke, DCOM, Juicy Potato

Forums > Administration and Configuration
Sort:
You are not authorized to post a reply.





TechieMD

Growing Member



Posts:37
Growing Member




1/1/2020 4:07 PM

    Plesk is showing my server may be vulnerable to Juicy Potato exploit.  

    Apparently disabling DCOM on server will fix this.  The only other fix is to upgrade to Windows Server 2019.

    1. Does DNN need DCOM enabled? 

    2. If yes, is the only option to protect my server upgrading to 2019?






    Michael Tobisch

    Veteran Member



    Posts:1124
    Veteran Member




    1/2/2020 2:11 AM
      Hi,

      as far as I know, DCOM is not necessary for DNN - saying that, it could be possible that one of the 3rd party extensions you use or anything else on the server needs DCOM (and I can't say anything about that, as I don't know about it).

      I would try to turn it off and see what happens, but check if the Plesk components (or anything you use to access your server) need DCOM before you do that, otherwise you will lock out yourself...

      Happy DNNing!
      Michael

      Michael Tobisch
      DNN★MVP

      dnnWerk Austria
      DNN Connect





      Mariette Knap

      Advanced Member



      Posts:155
      Advanced Member




      1/2/2020 5:21 AM

        Here are the instructions How to disable DCOM support in Windows. I have it disabled and DNN runs fine.

        Mariette Knap
        Microsoft MVP Alumni





        Mark Buelsing

        Growing Member



        Posts:80
        Growing Member




        1/3/2020 10:30 AM

          My hosting company, DNN4Less.com, patched my server as soon as Juicy Potato was announced. 

          You are not authorized to post a reply.

          These Forums are dedicated to the discussion of DNN Platform.

          For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

          1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
          2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
          3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
          4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
          5. No Flaming or Trolling.
          6. No Profanity, Racism, or Prejudice.
          7. Site Moderators have the final word on approving / removing a thread or post or comment.
          8. English language posting only, please.

          Would you like to help us?

          Awesome! Simply post in the forums using the link below and we'll get you started.

          Get Involved