The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0414 advisory.

    - Resolves: Bug 1540105 - CVE-2018-1054 - remote Denial of Service (DoS) via search filters in     SetUnicodeStringFromUTF_8
    - Resolves: Bug 1535539 - CVE-2017-15135 - Authentication bypass due to lack of size check in     slapi_ct_memcmp function

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 7 : 389-ds-base (ELSA-2018-0414)

high Nessus Plugin ID 107205

Version 1.6