[PSA] Cloudflare bug/leakage

Discussion in 'Miscellaneous' started by nfell2009, Feb 24, 2017.

  1. Hi everyone,

    While EMC doesn't use Cloudflare, it's possible you use a site which does. Cloudflare covers services like Discord, sites like SpigotMC.org, Bukkit.org and many other sites around the internet.

    A recent bug was discovered in Cloudflare which meant that someone could access information from another HTTP request. This means that someone could possibly see your username and password when logging into a site covered by Cloudflare. Search engines such as Google, Bing and Yahoo even indexed leaked information (apparently the majority is removed). Discord and other services utilising Cloudflare are saying to reset passwords because there is a chance someone could have gained access to your information.

    Sites included (the list is just too long to list here):
    https://github.com/pirate/sites-using-cloudflare

    It is recommended that you change your passwords for those sites immediately.

    It is possible that 2FA tokens were also leaked. 2FA may not protect accounts as the attacker can just use the 2FA token to bypass 2FA security measures.

    Sources:
    https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
    https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
    https://www.reddit.com/r/sysadmin/comments/5vu3yn/cloudbleed_seceurity_bug_cloudflare_reverse/
  2. Thanks for bringing this to my attention.