adv

Cloudflare 严重漏洞暴露客户机密

安全 云计算
pigsrollaroundinthem (39396)发表于 2017年02月24日 13时09分 星期五
来自这就是云安全部门
帮助 550 万家网站优化安全和性能的云服务供应商 Cloudflare 曝出了严重漏洞,能暴露客户的机密信息,包括验证用户身份的密码、cookies 和令牌。漏洞已经修复,但在修复和被发现前存在了 5 个月之久,而部分泄漏高度敏感的信息可能已被 Google 和其它搜索引擎缓存。Cloudflare CTO John Graham-Cumming 在官方博客上称,搜索引擎已经清除了敏感信息,他们没有发现任何 bug 被恶意利用的证据。bug 存在于 Cloudflare 反向代理的一个 HTML 解析器链中,导致服务器对特定 HTML 响应泄漏了伪随机内存内容。受影响的重要客户包括 Uber、1Password、FitBit 和 OKCupid,其中  1Password 表示它加密了传输的数据,没有敏感数据暴露。

评论已经自动封存,请勿再发言论
显示选项 样式:
声明: 下面的评论属于其发表者所有,不代表本站的观点和立场,我们不负责他们说什么。
  • Cloudflare 居然还主动给我发邮件(得分:1 )

    cutpigsrollaroundint(40177) Neutral 发表于2017年02月24日 21时37分 星期五
    --_----------=_MCPart_1931500701
    Content-Type: text/plain; charset=\\\"utf-8\\\"; format=\\\"fixed\\\"
    Content-Transfer-Encoding: quoted-printable

    Dear Cloudflare Customer:

    Thursday afternoon, we published a blog post describing a memory leak caused by a serious bug that impacted Cloudflare\\\'s systems. If you haven\\\'t yet, I encourage you to read that post on the bug:

    https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

    While we resolved the bug within hours of it being reported to us, there was an ongoing risk that some of our customers\\\' sensitive information could still be available through third party caches, such as the Google search cache.

    Over the last week, we\\\'ve worked with these caches to discover what customers may have had sensitive information exposed and ensure that the caches are purged. We waited to disclose the bug publicly until after these caches could be cleared in order to mitigate the ability of malicious individuals to exploit any exposed data.

    In our review of these third party caches, we discovered data that had been exposed from approximately 150 of Cloudflare\\\'s customers across our Free, Pro, Business, and Enterprise plans. We have reached out to these customers directly to provide them with a copy of the data that was exposed, help them understand its impact, and help them mitigate that impact.

    Fortunately, your domain is not one of the domains where we have discovered exposed data in any third party caches. The bug has been patched so it is no longer leaking data. However, we continue to work with these caches to review their records and help them purge any exposed data we find. If we discover any data leaked about your domains during this search, we will reach out to you directly and provide you full details of what we have found.

    To date, we have yet to find any instance of the bug being exploited, but we recommend if you are concerned that you invalidate and reissue any persistent secrets, such as long lived session identifiers, tokens or keys. Due to the nature of the bug, customer SSL keys were not exposed and do not need to be rotated.

    Again, if we discover new information that impacts you, we will reach out to you directly. In the meantime, if you have any questions or concerns, please don’t hesitate to reach out.

    Matthew Prince
    Cloudflare, Inc.
    Co-founder and CEO


    Copyright © 2017 Cloudflare, All rights reserved.
    You are receiving this email because you are a Cloudflare customer.

    Our mailing address is:
    Cloudflare
    101 Townsend Street
    San Francisco, CA 94107
    USA
  • 与之相比,GFW的中间人攻击更值得局域网用户担心。 匿名用户 (得分:0) 2017年02月25日 21时28分 星期六