Security researcher finds hole in government server

Feb 5, 2020 09:41 GMT

Israel makes the headlines every once in a while thanks to what it claims is state-of-the-art cybersecurity, but this doesn’t mean that flaws can’t be found in its systems.

Security researcher Eitan Caspi knows this first-hand: he recently discovered open SSH access on an Israeli government DNS server while checking the HTTPS quality of sites on gov.il subdomains.

Using an online SSL checker developed by Qualys, Caspi analyzed the SSL configuration of the servers and eventually received a reply on port 22 from one of the checked IPs. Port 22 is used by SSH, a service that allows administrators to connect to Linux servers, and Caspi says that the open access allowed him to try to log in.

Israeli security staff quick to take action

The open access vulnerability was reported to the Israeli CERT the same day.

“I sent this finding at 16:28 to the Israeli national CERT and after ten minutes I also managed to correspond with someone I am in contact with, who was senior in government’s information security department, and he forwarded this issue to another security senior in the government’s IT, and he passed the details on to those who can fix this issue,” the security researcher explains.

A few hours later, the port was closed and the access was blocked, Caspi reveals.

However, after further analysis he discovered that the server was running an old OpenSSH version known to contain several vulnerabilities. The version was OpenSSH 7.4p1, which was released in December 2016, so it was already more than three years old.

“Since then several versions and a few security fixes for various security issues were released for OpenSSH, which are probably missing now from the server. I hope they will update what is needed as soon as possible,” the security researcher explains in his analysis.
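
Both issues in this report, SSH answering on a host that was not meant to expose it and an OpenSSH release years behind, can be checked across your own hosts from the identification string an SSH server sends on connect. The audit below is an added example, not code from Caspi or the article; the host names, banners, allow-list and the 8.0 baseline are constructed assumptions.

```python
import re

# RFC 4253 identification string: SSH-<protoversion>-<softwareversion>[ <comments>]
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: .*)?$")
OPENSSH_RE = re.compile(r"^OpenSSH_(\d+)\.(\d+)")

MIN_OPENSSH = (8, 0)                          # assumed policy baseline
ALLOWED_SSH_HOSTS = {"bastion.example.test"}  # assumed: only host meant to expose SSH


def parse_openssh_version(banner):
    """Return (major, minor) for an OpenSSH banner, None for anything else."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    sw = OPENSSH_RE.match(m.group(2))
    return (int(sw.group(1)), int(sw.group(2))) if sw else None


def audit(observations):
    """observations: (host, banner seen on port 22 from outside, or None if closed)."""
    findings = []
    for host, banner in observations:
        if banner is None:
            continue  # port closed or filtered: nothing exposed
        if host not in ALLOWED_SSH_HOSTS:
            findings.append((host, "ssh-exposed"))
        version = parse_openssh_version(banner)
        if version is None:
            findings.append((host, "non-openssh-banner"))
        elif version < MIN_OPENSSH:
            # Distributions backport fixes without changing this string, so
            # check the package changelog before calling the host unpatched.
            findings.append((host, "openssh-below-baseline %d.%d" % version))
    return findings


# Constructed sample data (hosts and banners are made up for this example).
SAMPLE = [
    ("dns1.example.test", "SSH-2.0-OpenSSH_7.4"),
    ("bastion.example.test", "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10"),
    ("web1.example.test", None),
    ("legacy.example.test", "SSH-2.0-dropbear_2020.81\r\n"),
]

if __name__ == "__main__":
    for host, issue in audit(SAMPLE):
        print(f"{host}: {issue}")
```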