'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability

Bugtraq ID:	39357
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 09 2010 12:00AM
Updated:	Apr 09 2010 12:00AM
Credit:	Tomas Hoger
Vulnerable:	Red Hat Fedora 13 Am-utils am-utils 6.1.5
Not Vulnerable:

'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability

The 'am-utils' package is prone to a security-bypass vulnerability.

Remote attackers can exploit this issue to bypass certain security restrictions and gain access to vulnerable computers.

This issue affects 'am-utils' 6.1.5; other versions may also be vulnerable.

'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability

An attacker may exploit this issue using commonly available tools.

'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.

'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability

References:

• am-utils Homepage (Am-utils)
  
• Bug 566711 �?? am-utils: incorrect use of tcp_wrappers (Tomas Hoger)