Vulnerable software running on mra.gov.mu
November 5, 2014
At the time of writing this article, a particular Government website is riddled with outdated software. One reached End-of-Life (EOL) back in September 2012. The same piece of software has at minimum nineteen known vulnerabilities. Yes, we’re talking of Joomla 1.5 which is running the Mauritius Revenue Authority website.
Talking of vulnerabilities, we should mention Apache web server v2.2.17 (released on 19 October 2010) which has a list of sixteen known vulnerabilities.
Email sent to CERT-MU (Mauritian National Computer Security Incident Response Team). However, be on guard when submitting sensitive information through the MRA website.
E-filing is done through another Java based platform which is different from the Joomla CMS. I can't comment about the security level of that application as I do not have specific information regarding the same.