A Security vulnerability has been found in Direct Web Reporting (DWR) module of AJAX based applications by Imperva Application Defense Center. According to this, the client level application, throgh which a attacker can create more and more browser requests, using DWR. Though the requests doesnt reach the server, the client system is more affected as, for each and every browse request a memory space is allocated locally. At the same time, the browser request can manually manipulated to change the action codes to the server, through which the backend databases can be accesed or a denial of service output.

Amichai Shulman the CTO of Imperva and head of the Imperva Application Defense Center (ADC) explains to Ajax world Magazine:

"AJAX DWR includes two mechanisms that restrict access to sensitive functions (or “methods”). However, these mechanisms only affect client side code. Thus, an attacker can circumvent these restrictions using commonly available client tools (e.g. an HTTP client proxy) to manually manipulate browser requests. An exploit of this vulnerability can result in multiple damaging outcomes including data theft and denial of service."
Shulman gives an example of a sensitive Java function that may be accessed by an exploit of the AJAX DWR Restricted Method Vulnerability: it is called “Java clone”.

"Although access to Java clone is generally undesirable," he explains, "the DWR Forceful Method Invocation vulnerability can be exploited to construct requests that repeatedly invoke this function. Since server memory space is allocated for each Java clone invocation, a steep increase in server resource usage and denial of service conditions follow. The Imperva Application Defense Center has implemented tests confirming this result. Forceful access to other sensitive Web site functions can lead to alternative outcomes such as data theft."

Mitigating AJAX DWR Forceful Method Invocation risk, Shulman adds, requires secure code development to eliminate exposed classes that have methods which should not be invoked by the client:

"The code writing effort varies in complexity depending upon the phase of Web application deployment. Securing applications during initial development is less costly than securing existing applications. Imperva’s SecureSphere Web Application Firewall can be used to accelerate and reduce the cost of risk mitigation – especially for existing Web applications."
"Whenever possible,: Shulman concludes, "Web application security logic should be implemented in server code. Server logic is less accessible to attackers and therefore less vulnerable."

Bookmark this post to:

Related Posts

• A Walk into the World of Web Metrics
• The WATBlog List of Top Social Media Platforms to Roll Out Your Web 2.0 Plans
• A tête-à-tête with Chris Osbourne, Founder & CEO of FeedZa
• Love, Proposal, Break-up And Divorce 2.0
• 5 Web 2.0 Tools To Leverage Your Brand Image