MVC Kendo Grid page vulnerability

2 posts, 0 answers
  1. CHIEN YIN
    1 posts
    Member since:
    Oct 2011

    Posted 23 Jan 2015

    Hi,
    I am trying to find a solution to fix a Kendo Grid vulnerability that was found by the WebInspect vulnerability scanner.
    When the scanner sends an attack POST parameter like:

    sort=%0d%0aSPIHeader:%20SPIValue&page=1&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword=

    the scanner attacks the sort parameter and I get the error "DbSortClause expressions must have a type that is order comparable." That seems to be a sort parameter value problem, but I never assign the sort parameter.

    Another problem is that the scanner sends another attack parameter "sort=&page=1%0d%0aSPIHeader:%20SPIValue&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword="
    and I get an exception:
     System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +14345541

    It seems to be another Poor Error Handling issue in Kendo Grid.

    Can anyone give me some suggestions to fix those problems?

    Thanks, Regards,

  2. Alexander Popov
    Admin
    1444 posts

    Posted 27 Jan 2015

    Hi CHIEN YIN,

    The first error is caused by the invalid sort parameter in the request. Under normal circumstances this would not occur; the same applies to the second error as well. Throwing an exception when a string is sent as a page parameter is expected. I am also not sure how this behavior qualifies as a vulnerability. The attacker is neither getting unauthorized access nor degrading the overall performance of the service.

    Regards,
    Alexander Popov
    Telerik
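An added mitigation for the two scanner payloads discussed in this thread (example code, not from the thread or from Telerik), assuming a hypothetical CoursesController and Course entity on top of the Kendo.Mvc DataSourceRequest binder: the action allow-lists the sort members so the injected sort value is rejected with a 400 before it reaches Entity Framework, and an exception filter turns the binder's integer-parse failure on the page parameter into a 400 instead of an error page.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Web.Mvc;
using Kendo.Mvc.Extensions;
using Kendo.Mvc.UI;

public class Course { public int Id { get; set; } public string Name { get; set; } public int AreaId { get; set; } }

public class CoursesController : Controller
{
    private readonly IQueryable<Course> _courses; // hypothetical: the EF DbSet the grid reads
    public CoursesController(IQueryable<Course> courses) { _courses = courses; }
    // Columns the grid may sort on; the injected "\r\nSPIHeader: SPIValue" member is not one of them.
    private static readonly HashSet<string> SortableMembers =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "Id", "Name", "AreaId" };
    // Returns null for a well-formed request, otherwise the reason for the 400.
    public static string ValidateRequest(DataSourceRequest request)
    {
        if (request.Page < 1 || request.PageSize < 0 || request.PageSize > 200)
            return "page or pageSize out of range";
        if (request.Sorts != null)
            foreach (var sort in request.Sorts)
                if (sort.Member == null || !SortableMembers.Contains(sort.Member))
                    return "unsupported sort member";
        return null;
    }

    [HttpPost]
    public ActionResult Read([DataSourceRequest] DataSourceRequest request)
    {
        var problem = ValidateRequest(request);
        if (problem != null) // 400 here instead of letting EF throw and leak a stack trace
            return new HttpStatusCodeResult(HttpStatusCode.BadRequest, problem);
        return Json(_courses.ToDataSourceResult(request));
    }
}

// The "page=1%0d%0a..." payload fails in the [DataSourceRequest] binder's integer parse before
// Read() runs; this filter (add it to GlobalFilters.Filters) turns that FormatException into a 400.
public class GridBindingErrorFilter : FilterAttribute, IExceptionFilter
{
    public void OnException(ExceptionContext filterContext)
    {
        if (!(filterContext.Exception is FormatException)) return;
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.BadRequest, "Invalid grid request");
        filterContext.ExceptionHandled = true;
    }
}
```

Enabling customErrors in web.config additionally keeps the stack frame the scanner reported out of any response that does still fail.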