Serious Cloudflare

Panic Station · Feb 24, 2017

ATTN: Sites using Cloudflare discovered to contain major vulnerability. Recommendation is to change passwords for all affected sites you use. See list below to determine if you've been using any at-risk sites.

https://github.com/pirate/sites-using-cloudflare

Luckily, Smogon isn't on the list, but this info is too important to not share.

EDIT: Fixed the link.

Samoyed · Feb 24, 2017

link doesn't work?

Idyll · Feb 24, 2017

xenforo was hit too, so this forum is prolly affected as well. better to change passwords here just to be safe

Saria · Feb 24, 2017

xenforo.com the site isn't the same as Xenforo forum software. But many major sites use cloudflare, and I know PO used it (can't confirm if they still do) and and lots of our members have account on that site, so it's probably a good idea to change your password anyway.

Blue_Tornado · Feb 24, 2017

Here's the blog post from the Clouldflare folks:
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

Note that this isn't a security issue but a bug on the server's part which would very rarely mess up HTTP requests, returning the contents of memory, which could be anything from sensitive info to random gibberish. There was no way to target specific info such as passwords and no evidence of malicious exploits was found so far.

Uh, what this means is that you MIGHT want to change passwords anyway, but we're probably fine.

Some major sites that use Clouldflare:
Uber
Reddit
Yelp
Patreon
Crunchyroll
4chan
Discord

Serious Cloudflare

Panic Station

Samoyed

Idyll

xD

Saria

Blue_Tornado

Users Who Are Viewing This Thread (Users: 1, Guests: 0)