'Mark-of-the-Beast' bug topples Java apps
A bug in Oracle's Java programming framework causes computers to freeze when they encounter certain numerical values with large numbers of decimal places, a flaw that makes websites susceptible to highly efficient denial-of-service attacks.
The vulnerability in the latest version of Java is similar to a flaw discovered last month that plagued the PHP language. It is trigged when applications attempt to process values such as 2.2250738585072011e-308. Systems running both Windows- and Linux-based apps that try to assign the value to a “double” variable succumb to an infinite loop that consumes 100 percent of their CPU's resources.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump