Hi,
I am try to looking for the solution to fix kendo Grid's vulnerability, the vulnerability had find by WebInpsect vulnerability scanner.
when the scanner send a attack post parameter like:
sort=%0d%0aSPIHeader:%20SPIValue&page=1&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword=
the scanner attack sort parameter, I got a error "DbSortClause expressions must have a type that is order comparable.", that seems sort parameter value problem, but I never assign sort parameter,
another problem is the scanner send another attach paramter "sort=&page=1%0d%0aSPIHeader:%20SPIValue&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword="
I got a exception
System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +14345541
It's seems another Poor Error Handling issue in kendo grid.
Can any one give me some suggestion to fix those problems ?
Thanks, Regards,
I am try to looking for the solution to fix kendo Grid's vulnerability, the vulnerability had find by WebInpsect vulnerability scanner.
when the scanner send a attack post parameter like:
sort=%0d%0aSPIHeader:%20SPIValue&page=1&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword=
the scanner attack sort parameter, I got a error "DbSortClause expressions must have a type that is order comparable.", that seems sort parameter value problem, but I never assign sort parameter,
another problem is the scanner send another attach paramter "sort=&page=1%0d%0aSPIHeader:%20SPIValue&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword="
I got a exception
System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +14345541
It's seems another Poor Error Handling issue in kendo grid.
Can any one give me some suggestion to fix those problems ?
Thanks, Regards,
1 Answer, 1 is accepted
0
Hi CHIEN YIN,
The first error is caused by the invalid sort parameter in the request. Under normal circumstances this would not occur - the same applies for the second error as well. Throwing an exception when a string is sent as a page parameter is expected. I am also not sure how this behavior qualifies as a vulnerability. The attacker is neither getting unauthorized access nor is degrading the overall performance of the service.
Regards,
Alexander Popov
Telerik
The first error is caused by the invalid sort parameter in the request. Under normal circumstances this would not occur - the same applies for the second error as well. Throwing an exception when a string is sent as a page parameter is expected. I am also not sure how this behavior qualifies as a vulnerability. The attacker is neither getting unauthorized access nor is degrading the overall performance of the service.
Regards,
Alexander Popov
Telerik
Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.