The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2765 advisory.

    - Resolves: #1358559 - CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD     operation
    - Resolves: #1361421 - CVE-2016-5416 389-ds-base: ACI readable by anonymous user (DS 48354)
    - Resolves: #1360974 - CVE-2016-5405 389-ds-base: Password verification vulnerable to timing attack

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 6 : 389-ds-base (ELSA-2016-2765)

critical Nessus Plugin ID 94907

Version 2.8