This is a migrated thread and some comments may be shown as answers.

MVC kendo Grid page Vulnerability

CHIEN YIN asked on 23 Jan 2015, 09:14 AM
Hi,
I am trying to find a solution to fix the Kendo Grid's vulnerability; the vulnerability was found by the WebInspect vulnerability scanner.
When the scanner sends an attack POST parameter like:

sort=%0d%0aSPIHeader:%20SPIValue&page=1&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword=

the scanner attacks the sort parameter, and I get an error "DbSortClause expressions must have a type that is order comparable." That seems to be a sort parameter value problem, but I never assign the sort parameter.

Another problem is that the scanner sends another attack parameter, "sort=&page=1%0d%0aSPIHeader:%20SPIValue&pageSize=6&group=&filter=&AreaId=-1&DisciplineId=-1&FieldId=-1&MajorId=-1&Keyword=", and
I get an exception:
System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +14345541

It seems to be another poor error handling issue in the Kendo Grid.

Can anyone give me some suggestions to fix these problems?

Thanks and regards,

1 Answer, 1 is accepted

Alexander Popov
Telerik team
answered on 27 Jan 2015, 12:44 PM
Hi CHIEN YIN,

The first error is caused by the invalid sort parameter in the request. Under normal circumstances this would not occur - the same applies to the second error as well. Throwing an exception when a string is sent as a page parameter is expected. I am also not sure how this behavior qualifies as a vulnerability. The attacker is neither getting unauthorized access nor degrading the overall performance of the service.

Regards,
Alexander Popov
Telerik
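Added example (not code from this thread or from Telerik) of the defensive handling the question asks about: an ASP.NET MVC read action that validates the bound DataSourceRequest against an allowlist of sortable properties and sane paging bounds, plus an exception filter that converts binding failures into a generic 400, so a malformed sort or page value produces neither an ORM exception nor a stack trace in the response. The CourseRow model, CoursesController and sample rows are assumed; the filter relies on ASP.NET MVC 5 running exception filters around parameter binding.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Web.Mvc;
using Kendo.Mvc.Extensions;
using Kendo.Mvc.UI;

// Hypothetical grid row model; its property names double as the sort allowlist.
public class CourseRow
{
    public int Id { get; set; }
    public string Title { get; set; }
}

// Turns parse failures raised while binding the request (e.g. the non-numeric "page"
// value from the scan) into a generic 400 instead of an unhandled 500 with a stack trace.
public class GridRequestErrorFilter : FilterAttribute, IExceptionFilter
{
    public void OnException(ExceptionContext ctx)
    {
        if (!(ctx.Exception is FormatException || ctx.Exception is ArgumentException)) return;
        ctx.Result = new HttpStatusCodeResult(HttpStatusCode.BadRequest, "Invalid grid request.");
        ctx.ExceptionHandled = true;
    }
}

public class CoursesController : Controller
{
    private static readonly HashSet<string> SortableMembers = new HashSet<string>(
        typeof(CourseRow).GetProperties().Select(p => p.Name), StringComparer.Ordinal);
    // Constructed sample rows standing in for the real query.
    private static readonly List<CourseRow> Courses = new List<CourseRow>
    {
        new CourseRow { Id = 1, Title = "Algebra" }, new CourseRow { Id = 2, Title = "Ethics" }
    };

    [HttpPost, GridRequestErrorFilter]
    public ActionResult Read([DataSourceRequest] DataSourceRequest request)
    {
        if (request.Page < 1 || request.PageSize < 1 || request.PageSize > 500)
            return new HttpStatusCodeResult(HttpStatusCode.BadRequest, "Invalid paging.");
        // A sort member that is not a known property (such as the injected CRLF string)
        // is rejected here, before it can reach the ORM and throw.
        if (request.Sorts != null && request.Sorts.Any(s => !SortableMembers.Contains(s.Member)))
            return new HttpStatusCodeResult(HttpStatusCode.BadRequest, "Invalid sort.");
        return Json(Courses.AsQueryable().ToDataSourceResult(request));
    }
}
```

With this in place the two scanner requests from the question get a 400 with a fixed message, while well-formed grid requests are paged and sorted as before.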