Baker Hamilton

Baker Hamilton, MD, MMSc (OSCE, OSCP) focuses on application penetration testing, internal and external network penetration testing, source code review, and red teaming.

Recent Posts by Baker Hamilton:

by Baker Hamilton, on May 14, 2018 2:29:15 PM

Reported Date: January 8, 2018
Vendor: SolarWinds
Version Affected: Serv-U 15.1.6.25
Summary: SolarWinds Serv-U MFT 15.1.6.25 assigns authenticated users a low-entropy session token that can be included in requests to …

Vulnerabilities: Insufficient Session ID Entropy

by Baker Hamilton, on May 11, 2018 3:52:28 PM

Reported Date: January 8, 2018
Vendor: SolarWinds
Systems Affected: Serv-U 15.1.6.25
Summary: A denial-of-service vulnerability in SolarWinds Serv-U 15.1.6.25 allows an authenticated user to crash the application (with a NULL …

Vulnerabilities: Denial of Service

by Baker Hamilton, on May 12, 2017 2:38:58 PM

Patch Date: April 10, 2017
Reported Date: February 7, 2017
Vendor: SolarWinds
Systems Affected: SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4
Summary: The Bishop Fox assessment team …

Vulnerabilities: Arbitrary Command Injection

by Baker Hamilton, on May 12, 2017 2:26:42 PM

Patch Date: April 10, 2017
Reported Date: February 7, 2017
Vendor: SolarWinds
Systems Affected: SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4
Summary: An improper access control vulnerability …

Vulnerabilities: Improper Access Control

Vulnerability Disclosure Policy

Bishop Fox takes security issues very seriously. We believe in coordinated disclosure, and we work closely with vendors and clients to patch vulnerabilities promptly.