nanog mailing list archives
Re: Serious Cloudflare bug exposed a potpourri of secret customer data
From: Matt Palmer <mpalmer () hezmatt org>
Date: Fri, 3 Mar 2017 10:15:22 +1100
On Sat, Feb 25, 2017 at 07:21:48AM +0000, Mike Goodwin wrote:
Useful information on potentially compromised sites due to this: https://github.com/pirate/sites-using-cloudflare
"This list contains all domains that use Cloudflare DNS" That's only marginally more useful than saying "any domain matching /^.*$/"; plenty of domains use Cloudflare's DNS without using the proxy service (and it is, barely, possible to use the proxy service which had the bug without using the DNS service). - Matt -- A byte walks into a bar and orders a pint. Bartender asks him "What's wrong?" The byte says "Parity error." Bartender nods and says "Yeah, I thought you looked a bit off."
Current thread:
- Re: Serious Cloudflare bug exposed a potpourri of secret customer data Mike Goodwin (Mar 02)
- Re: Serious Cloudflare bug exposed a potpourri of secret customer data Matt Palmer (Mar 02)
- Re: Serious Cloudflare bug exposed a potpourri of secret customer data Jimmy Hess (Mar 02)
- Re: Serious Cloudflare bug exposed a potpourri of secret customer data Matt Palmer (Mar 02)