{"version":"1.0","published":"2022-12-07 12:16:40","description":"\u306f\u3058\u3081\u306b \u57fa\u790e\u6280\u8853\u7814\u7a76\u90e8\u30ea\u30b5\u30fc\u30c1\u30a8\u30f3\u30b8\u30cb\u30a2\u306e\u672b\u5409\u3067\u3059\u3002 HTTP \u30ea\u30af\u30a8\u30b9\u30c8\u30b9\u30de\u30b0\u30ea\u30f3\u30b0(HTTP Request Smuggling: HRS)\u306e CVE \u767b\u9332\u6570\u3092\u898b\u308b\u3068\u3001\u6700\u521d\u306b\u767a\u8868\u3055\u308c\u305f 2005 \u5e74\u306b\u5927\u91cf\u306b\u767b\u9332\u3055\u308c\u3066\u4ee5\u964d\u306f\u4e0b\u706b\u50be\u5411\u3067\u30012018 \u5e74\u307e\u3067\u306f\u6bce\u5e74\u6570\u4ef6\u305a\u3064\u767b\u9332\u3055\u308c\u308b\u7a0b\u5ea6\u3067\u3057\u305f*1\u3002 \u3068\u3053\u308d\u304c 2019 \u5e74\u304b\u3089\u518d\u71c3\u3057\u3001\u4eca\u5e74\u306b\u81f3\u308b\u307e\u3067\u518d\u3073\u5927\u91cf\u306b\u767b\u9332\u3055\u308c\u3060\u3057\u3066\u3044\u307e\u3059\u3002 \u4e0a\u8a18\u306f CVE \u306e\u767b\u9332\u6570\u3060\u3051\u3092\u898b\u305f\u50be\u5411\u3067\u3059\u304c\u3001\u5b9f\u969b HTTP \u30ea\u30af\u30a8\u30b9\u30c8\u30b9\u30de\u30b0\u30ea\u30f3\u30b0\u306f 2019 \u5e74\u3092\u5883\u306b\u6025\u6fc0\u306b\u767a\u5c55\u3057\u3001\u4eca\u5e74\u306b\u81f3\u308b\u307e\u3067\u6bce\u5e74\u69d8\u3005\u306a\u65b0\u624b\u6cd5\u304c\u767a\u8868\u3055\u308c\u3001\u6ce8\u76ee\u3092\u6d74\u3073\u3066\u3044\u307e\u3059\u3002 \u305f\u3060\u3001\u305d\u306e\u5272\u306b\u306f\u65e5\u672c\u8a9e\u3067 HTTP \u2026","provider_name":"Hatena Blog","author_name":"FFRI","width":"100%","categories":["\u30a6\u30a7\u30d6","\u8106\u5f31\u6027","\u8106\u5f31\u6027-\u8106\u5f31\u6027\u653b\u6483","\u30ab\u30f3\u30d5\u30a1\u30ec\u30f3\u30b9\u30fb\u5b66\u4f1a","\u30ab\u30f3\u30d5\u30a1\u30ec\u30f3\u30b9\u30fb\u5b66\u4f1a-Black Hat"],"title":"HTTP \u30ea\u30af\u30a8\u30b9\u30c8\u30b9\u30de\u30b0\u30ea\u30f3\u30b0\u5165\u9580\u304b\u3089\u6700\u65b0\u7814\u7a76\u307e\u3067","provider_url":"https://hatena.blog","height":"190","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fengineers.ffri.jp%2Fentry%2F2022%2F12%2F07%2F121640\" title=\"HTTP \u30ea\u30af\u30a8\u30b9\u30c8\u30b9\u30de\u30b0\u30ea\u30f3\u30b0\u5165\u9580\u304b\u3089\u6700\u65b0\u7814\u7a76\u307e\u3067 - FFRI\u30a8\u30f3\u30b8\u30cb\u30a2\u30d6\u30ed\u30b0\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","url":"https://engineers.ffri.jp/entry/2022/12/07/121640","blog_url":"https://engineers.ffri.jp/","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/F/FFRI/20221028/20221028142009.png","blog_title":"FFRI\u30a8\u30f3\u30b8\u30cb\u30a2\u30d6\u30ed\u30b0","type":"rich","author_url":"https://blog.hatena.ne.jp/FFRI/"}