Forgot your password?
Close
typodupeerror

Submission + - Cloudflare Leaks Sensitive User Data Across the Web

Submitted by ShaunC
ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OKCupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache.

Submission + - Multiple Linux Distributions Affected by Crippling Bug in systemd (agwa.name) 1

Submitted by Anonymous Coward
An anonymous reader writes: System administrator Andrew Ayer has discovered a potentially critical bug in systemd which can bring a vulnerable Linux server to its knees with one command. "After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system." According to the bug report, Debian, Ubuntu, and CentOS are among the distros susceptible to various levels of resource exhaustion. The bug, which has existed for more than two years, does not require root access to exploit.

Slashdot Top Deals

My idea of roughing it turning the air conditioner too low.

Close