by Baker Hamilton, on May 14, 2018 2:29:15 PM

Reported Date January 8, 2018 Vendor SolarWinds Version Affected Serv-U 15.1.6.25 Summary SolarWinds Serv-U MFT 15.1.6.25 assigns authenticated users a low-entropy session token that can be included in requests to …

Read Details
Vulnerabilities:Insufficient Session ID Entropy

by Baker Hamilton, on May 11, 2018 3:52:28 PM

Reported Date January 8, 2018 Vendor SolarWinds Systems Affected Serv-U 15.1.6.25 Summary A denial-of-service vulnerability in SolarWinds Serv-U 15.1.6.25 allows an authenticated user to crash the application (with a NULL …

Read Details
Vulnerabilities:Denial of Service

Vulnerability Disclosure Policy

Bishop Fox takes security issues very seriously. We believe in coordinated disclosure, and we work closely with vendors and clients to patch vulnerabilities promptly. More on our Disclosure Policy →

Subscribe to Updates