A computer security expert has discovered several open security gaps on the web server of the CSU parliamentary group in the Bavarian state parliament. Security entrepreneur Heiko Frenzel reported in his blog that he was able to access over 800 access data from CSU politicians, employees and other users. Among them were around 300 access data for the intranet of the CSU parliamentary group.
When asked, the CSU parliamentary group confirmed that it had been made aware of security gaps in the website and the intranet offering. This process was now four months ago. The security gaps were immediately closed by the responsible external service provider.
During his unsolicited security check, Frenzel had discovered, among other things, that the web server was not protected against so-called cross-site scripting (XSS). In this case, attackers can smuggle malicious scripts into the server and make them run on the server. In addition, unfiltered inquiries could be made to the database. With this so-called SQL injection you can execute any commands within the database. This means that all data can also be read out.
Usernames and passwords of CSU MPs discovered
In addition to the user names, the hacker also discovered the associated passwords, which were only protected with the outdated MD5 method. This type of encryption has been cracked by a conventional PC for years.
Another security hole allowed him to download any files from the server, reported Frenzel. Among them was a “configuration file with a seemingly endless list of all access data”. These access data could have manipulated the MPs’ personal websites, among other things.
Frenzel confirmed the faction’s information that the security gaps had now been closed. The entrepreneur recommended the CSU politicians and other affected users to change their password and to refrain from easily guessing passwords such as “andi2020”.