Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.
219aa7d9b7cf70a7456a29006c7032444b70633a33926ddf828895ebe52d9a93
Template Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.
cc3a0e1f01e8c577869fec6643baaacbf4c0c356f0b25da7cd5cad08f003d024