This is a critical change, as a successful request with an unparseable query parameter could allow a proxy to be exploited to launch an attack against a target. After the fix, Director recognizes if the outbound request has a value for the dataForm field which was not originally set in the original request. In this case, Director will forward the value of the Form field in the original request. This provides a way to ensure that the data transferred from the proxy to the application is a copy of the data in the original request.

Request Validation Changes
This change adds additional validation for outbound requests that contain dataForm fields not originally set in the original request. After the fix, Director recognizes if the outbound request has a value for the dataForm field which was not originally set in the original request. In this case, Director will forward the value of the Form field in the original request. This provides a way to ensure that the data transferred from the proxy to the application is a copy of the data in the original request.

Summary of Major Changes from Version 1.0 to Version 2.0

Major changes coming with version 2.0 include:
- A new DataForm parameter that is processed by Director to ensure that the data transmitted between proxy and application is a copy of the data in the original request.
- Director now recognizes if an outbound request has a value for the DataForm field. If it does, it will forward this value to the application.

Vulnerability Dissection

The vulnerability that was addressed arises when a request is sent with an unparseable query parameter. This will allow a proxy to be exploited by launching an attack against a target. The vulnerability has been resolved with a fix that recognizes and rejects requests that have a dataForm value set. This provides a way to ensure that the data transferred from the proxy to the application is a copy of the data in the original request.

CVE-2022-2871



Timeline

Published on: 10/14/2022 15:15:00 UTC
Last modified on: 11/10/2022 03:46:00 UTC
