SAD DNS Explained
November 13, 2020 7:06PM
DNS
Security
DNS Poisoning
Side Channels
Vulnerabilities
Researchers from UC Riverside and Tsinghua University found a new way to revive a decade-old DNS cache poisoning attack. Read our deep dive into how the SAD DNS attack on DNS resolvers works, how we protect against this attack in 1.1.1.1, and what the future holds for DNS cache poisoning attacks....
CVE-2020-5902: Helping to protect against the F5 TMUI RCE vulnerability
July 07, 2020 6:04PM
WAF Rules
Security
Vulnerabilities
Cloudflare has deployed a new managed rule protecting customers against a remote code execution vulnerability that has been found in F5 BIG-IP’s web-based Traffic Management User Interface (TMUI)....
Cloudflare response to CPDoS exploits
October 24, 2019 6:27PM
Attacks
Vulnerabilities
Three vulnerabilities were disclosed as Cache Poisoning Denial of Service attacks in a paper written by Hoai Viet Nguyen, Luigi Lo Iacono, and Hannes Federrath of TH Köln - University of Applied Sciences. These attacks are similar to the cache poisoning attacks presented last year at DEFCON....
Cloudflare’s protection against a new Remote Code Execution vulnerability (CVE-2019-16759) in vBulletin
September 28, 2019 11:54PM
Vulnerabilities
vBulletin
WAF
Security
Cloudflare has released a new rule as part of its Cloudflare Specials Rulesets, to protect our customers against a high-severity vulnerability in vBulletin. A new zero-day vulnerability was discovered for vBulletin, a proprietary Internet forum software....