Welcome!

AJAX & REA Authors: Jeremy Geelan, Bryan O'Rourke, RealWire News Distribution, Rob Rusher, Roger Strukhoff

Related Topics: AJAX & REA, Virtualization

AJAX & REA: Article

AJAX & Security: Vulnerability in DWR Security Logic Identified

Can potentially be exploited to launch DoS attacks and break into back-end servers
By RIA News Desk
Article Rating:
January 8, 2007 06:15 PM EST
Reads:
 12,362

(SYS-CON Media) –  A significant vulnerability in the security logic of a well known open source AJAX library called DWR has been identified by the Imperva Application Defense Center.

According to Amichai Shulman (pictured), CTO of Imperva and head of the Imperva Application Defense Center (ADC):

"AJAX DWR includes two mechanisms that restrict access to sensitive functions (or “methods”). However, these mechanisms only affect client side code. Thus, an attacker can circumvent these restrictions using commonly available client tools (e.g. an HTTP client proxy) to manually manipulate browser requests. An exploit of this vulnerability can result in multiple damaging outcomes including data theft and denial of service."
Shulman gives an example of a sensitive Java function that may be accessed by an exploit of the AJAX DWR Restricted Method Vulnerability: it is called “Java clone”.

"Although access to Java clone is generally undesirable," he explains, "the DWR Forceful Method Invocation vulnerability can be exploited to construct requests that repeatedly invoke this function. Since server memory space is allocated for each Java clone invocation, a steep increase in server resource usage and denial of service conditions follow. The Imperva Application Defense Center has implemented tests confirming this result. Forceful access to other sensitive Web site functions can lead to alternative outcomes such as data theft."

Mitigating AJAX DWR Forceful Method Invocation risk, Shulman adds, requires secure code development to eliminate exposed classes that have methods which should not be invoked by the client:

"The code writing effort varies in complexity depending upon the phase of Web application deployment. Securing applications during initial development is less costly than securing existing applications. Imperva’s SecureSphere Web Application Firewall can be used to accelerate and reduce the cost of risk mitigation – especially for existing Web applications."
"Whenever possible,: Shulman concludes, "Web application security logic should be implemented in server code. Server logic is less accessible to attackers and therefore less vulnerable."

Published January 8, 2007 – Reads 12,362
Copyright © 2007 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

More Stories By RIA News Desk

Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

Comments (2) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
clarif67 01/06/07 12:57:44 PM EST

So DWR is "easy Ajax for Java"? It seems to allow you to export your Java code to a browser and include the results in your pages.
clarif67 01/06/07 12:57:37 PM EST

So DWR is "easy Ajax for Java"? It seems to allow you to export your Java code to a browser and include the results in your pages.
Cloud Expo Breaking News
By Roger Strukhoff
From internal collaboration to supplier and customer interactions, enterprises are discovering new ways of increasing productivity, process accountability, and connecting those challenging "white spaces" that exist betwe...
Mar. 21, 2010 08:23 AM EDT  Reads: 104
By Roger Strukhoff
3rd Generation outsourcing is here! 1st Generation was “your mess for less”; 2nd Generation is strategic or selective sourcing, including hosting. 3rd Generation Outsourcing, as a result of the emergence of Cloud Computi...
Mar. 21, 2010 05:53 AM EDT
By Pat Romanski
NaviCloud is a next-generation platform that combines the economic efficiencies of cloud computing with true enterprise-class reliability and security. With built-in high-availability, a state of the art operations cente...
Mar. 20, 2010 08:45 AM EDT  Reads: 536
By Pat Romanski
SYS-CON Events announced today that VirtuDataCenter, a cloud computing network infrastructure company, will offer a complete turnkey alternative to today’s cloud computing solutions. They will exhibit at SYS-CON's 5th In...
Mar. 20, 2010 07:00 AM EDT  Reads: 336
By Liz McMillan
You are interested in cloud computing, but where do you start? How are vendors defining Cloud Computing? What do you need to know to figure out which applications make sense in the cloud? And is any of this real today? ...
Mar. 20, 2010 05:45 AM EDT  Reads: 387
MORE »